Low severity3.3NVD Advisory· Published Oct 27, 2025· Updated Apr 29, 2026
CVE-2025-12206
CVE-2025-12206
Description
A flaw has been found in Kamailio 5.5. The impacted element is the function rve_is_constant of the file src/core/rvalue.c. This manipulation causes null pointer dereference. The attack needs to be launched locally. The exploit has been published and may be used. It is still unclear if this vulnerability genuinely exists. This attack requires manipulating config files which might not be a realistic scenario in many cases. The vendor was contacted early about this disclosure but did not respond in any way.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
9- shimo.im/docs/aBAYMVMB2jUP9jAjnvdExploitThird Party Advisory
- shimo.im/docs/aBAYMVMB2jUP9jAj/nvdExploitThird Party Advisory
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdPermissions RequiredVDB Entry
- www.openwall.com/lists/oss-security/2025/10/27/8nvdIssue TrackingMailing List
- www.openwall.com/lists/oss-security/2025/10/27/12nvd
- www.openwall.com/lists/oss-security/2025/10/27/8nvd
- www.openwall.com/lists/oss-security/2025/11/02/3nvd
News mentions
0No linked articles in our index yet.