318 matches found
EUVD-2026-24229
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers decframe.buf were allocated based on a...
CVE-2026-40614
Summary of CVE-2026-40614 (PJSIP): PJSIP (2.16 and earlier) has a heap buffer overflow in Opus decoding due to insufficient bounds checking in the codec_decode path. The FEC decode buffers (dec_frame[].buf) are allocated using a PCM-derived size, which at 8 kHz mono yields 960 bytes, but codec_pa...
CVE-2026-40614 PJSIP: Heap buffer overflow in Opus codec decoding
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers decframe.buf were allocated based on a...
CVE-2026-40614
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers decframe.buf were allocated based on a...
PJSIP 安全漏洞
PJSIP is an open-source, free and open-source multimedia communication library developed in C language. It implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Versions of PJSIP 2.16 and earlier contained security vulnerabilities, which stemmed from insufficient buffer...
PT-2026-34044
Name of the Vulnerable Software and Affected Versions PJSIP versions prior to 2.17 Description A heap buffer overflow occurs when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers dec frame.buf are allocated using a...
Honeypot Protocol
Trusted monitoring, the standard defense in AI control, is vulnerable to adaptive attacks, collusion, and strategic attack selection. All of these exploit the fact that monitoring is passive: it observes model behavior but never probes whether the model would behave differently under different...
OPENSUSE-SU-2026:20394-1 Security update for mumble
This update for mumble fixes the following issues: Changes in mumble: - CVE-2025-71264: opus incorrect size calculations allow for an out-of-bounds array access and can lead to a client crash boo1259721 - Update to version 1.5.857: fixes for undesired ACL behavior Client bug fixes: UI, memory...
CVE-2025-71264
An out of bound array access flaw has been discovered in the mumble voip client. In certain situations decoding of opus encoded audio can attempt to access an array with an invalid index. This may result in a program crash. Mitigation Mitigation for this issue is either not available or the...
CVE-2025-71264
Mumble before 1.6.870 is prone to an out-of-bounds array access, which may result in denial of service client crash...
Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model
Anthropic on Friday said it discovered 22 new security vulnerabilities in the Firefox web browser as part of a security partnership with Mozilla. Of these, 14 have been classified as high, seven have been classified as moderate, and one has been rated low in severity. The issues were addressed in...
CVE-2026-29068 PJSIP: Stack buffer overflow in Opus codec parser
PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, there is a stack buffer overflow vulnerability when pjmedia-codec parses an RTP payload contain more frames than the caller-provided frames can hold. This issue has been patched in version 2.17...
CVE-2026-29068
PJSIP is affected by a stack buffer overflow in the pjmedia-codec RTP payload parser when a payload contains more frames than the caller-provided frames can hold. This impacts versions prior to 2.17. The vulnerability, with a CVSS 4.0 base score of 8.7 (Network attack vector, no user interaction,...
CVE-2026-29068 PJSIP: Stack buffer overflow in Opus codec parser
PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, there is a stack buffer overflow vulnerability when pjmedia-codec parses an RTP payload contain more frames than the caller-provided frames can hold. This issue has been patched in version 2.17...
CVE-2026-29068 PJSIP: Stack buffer overflow in Opus codec parser
PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, there is a stack buffer overflow vulnerability when pjmedia-codec parses an RTP payload contain more frames than the caller-provided frames can hold. This issue has been patched in version 2.17...
LLMs are Getting a Lot Better and Faster at Finding and Exploiting Zero-Days
This is amazing: Opus 4.6 is notably better at finding high-severity vulnerabilities than previous models and a sign of how quickly things are moving. Security teams have been automating vulnerability discovery for years, investing heavily in fuzzing infrastructure and custom harnesses to find bu...
Claude Opus 4.6 Finds 500+ High-Severity Flaws Across Major Open-Source Libraries
Artificial intelligence AI company Anthropic revealed that its latest large language model LLM, Claude Opus 4.6, has found more than 500 previously unknown high-severity security flaws in open-source libraries, including Ghostscript, OpenSC, and CGIF. Claude Opus 4.6, which was launched Thursday,...
MiracleLinux 7 : gstreamer1-plugins-base-1.10.4-2.0.2.el7.AXS7 (AXSA:2025-11109:02)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11109:02 advisory. CVE-2024-47538: fix stack-buffer overflow in vorbishandleidentificationpacket function by limiting writing beyond boundaries of position array CVEs...
CVE-2025-65102
PJSIP is a free and open source multimedia communication library. Prior to version 2.16, Opus PLC may zero-fill the input frame as long as the decoder ptime, while the input frame length, which is based on stream ptime, may be less than that. This issue affects PJSIP users who use the Opus audio...
Linux Distros Unpatched Vulnerability : CVE-2025-65102
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library. Prior to version 2.16, Opus PLC may zero-fill the input frame as long as the decoder ptime,...