Pjsip Vulnerabilities
Comprehensive security vulnerability database for Pjsip products
2
0
1
0
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2026-29068 | 8.7 | This vulnerability allows an attacker to crash the application or potentially execute malicious code by sending specially crafted RTP data that contains more frames than the software can handle. It affects versions prior to 2.17 of the PJSIP library, so using an updated version is crucial to prevent exploitation. | pjsippjsip | Theoretical | about 1 month agoMar 6, 2026 |
| CVE-2026-28799 | 8.7 | This vulnerability allows an attacker to potentially execute malicious code on a system using PJSIP by exploiting a flaw in the event subscription process when a user unsubscribes from presence updates. It can be triggered if the attacker can send a specific unsubscribe request, and it has been fixed in version 2.17 of the software. | pjsippjsip | Exploit Available | about 1 month agoMar 6, 2026 |
About Pjsip Security
This page tracks all publicly disclosed security vulnerabilities (CVEs) affecting Pjsip products. Our database is updated in real-time from the National Vulnerability Database (NVD) and enriched with exploit information from GitHub and other security research sources.
Each CVE listing includes CVSS severity scores, exploit availability status, AI-powered vulnerability summaries, and links to official patches and security advisories.