CVE Catalog

CVE-2026-45771

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.04%

12th percentile - higher than 12% of all known CVEs

Summary

FreeSWITCH prior to version 1.11.0 contained an XML parser that did not limit the depth or count of nested <!ENTITY> declarations, leading to a potential 'billion laughs' attack. An attacker could exploit this flaw to force unbounded CPU and memory consumption with a single request.

Risk Assessment

The organization is vulnerable to attacks that could lead to system overload, resulting in service unavailability and potential downtime.

Recommendation

It is recommended to upgrade FreeSWITCH to version 1.11.0 or later to mitigate this vulnerability.

Original NVD description (English source)

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, FreeSWITCH's bundled XML parser expands nested <!ENTITY> declarations without a depth or count bound, so a small DTD can describe a body that expands exponentially ("billion laughs"). The PIDF body of a SIP PUBLISH is fed to this parser before any digest check, letting an unauthenticated network attacker force unbounded CPU and memory consumption with a single request. This issue has been patched in version 1.11.0.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS