VYPR
Critical severity9.1NVD Advisory· Published Apr 24, 2026· Updated Apr 28, 2026

CVE-2026-41415

CVE-2026-41415

Description

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is an out-of-bounds read when parsing a malformed Content-ID URI in SIP multipart message body. Insufficient length validation can cause reads beyond the intended buffer bounds. This vulnerability is fixed in 2.17.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Pjsip/Pjsip2 versions
    cpe:2.3:a:teluu:pjsip:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:teluu:pjsip:*:*:*:*:*:*:*:*range: <2.17
    • (no CPE)range: <=2.16

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.