Security Advisory

CVE-2026-28799

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-06 06:36:55

Last updated 2026-03-09 19:50:33

Assigner GitHub_M

State PUBLISHED

Description

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap use-after-free vulnerability exists in PJSIPs event subscription framework (evsub.c) that is triggered during presence unsubscription (SUBSCRIBE with Expires=0). This issue has been patched in version 2.17.

← Browse all CVEs View on cve.org ↗