Critical severityNVD Advisory· Published Jun 1, 2026· Updated Jun 1, 2026

CVE-2026-0826

Description

In certain scenarios when the admin has enabled Interactive Connectivity Establishment (ICE), a buffer overflow could enable remote code execution on Poly Voice products on the Linux platform.

Affected products

Microfocus/Poly Voicellm-create

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.hp.com/us-en/document/ish_15052661-15052687-16/hpsbpy04083nvd

News mentions

CVE-2026-0826: How an Old Bug Can Feed AI-Powered Impersonation
Rapid7 Blog · Jun 1, 2026
CVE-2026-0826: Critical unauthenticated stack buffer overflow in HP Poly VVX and Trio VoIP Phones (FIXED)
Rapid7 Blog · Jun 1, 2026

cvss	0.585
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000