Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2026-25994
CVE-2026-25994
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, a buffer overflow vulnerability exists in PJNATH ICE Session when processing credentials with excessively long usernames.
Published Feb 12, 2026
https://github.com/pjsip/pjproject/security/advisories/GHSA-j29p-pvh2-pvqp
CVSS Score
Critical
9.8
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
rpm
pjproject
2.3-6.el7
rpm
pjproject
2.3-7.el6
rpm
pjproject
2.9-2.el8
rpm
pjproject
2.9-2.epel8.playground
rpm
pjproject-debuginfo
2.3-6.el7
rpm
pjproject-debuginfo
2.3-7.el6
rpm
pjproject-debuginfo
2.9-2.el8
rpm
pjproject-debuginfo
2.9-2.epel8.playground
rpm
pjproject-debugsource
2.9-2.el8
rpm
pjproject-debugsource
2.9-2.epel8.playground
rpm
pjproject-devel
2.3-6.el7
rpm
pjproject-devel
2.3-7.el6
rpm
pjproject-devel
2.9-2.el8
rpm
pjproject-devel
2.9-2.epel8.playground
rpm
pjsua
2.9-2.el8
rpm
pjsua
2.9-2.epel8.playground
rpm
pjsua-debuginfo
2.9-2.el8
rpm
pjsua-debuginfo
2.9-2.epel8.playground
1-18 of 18
CVE-2026-25994 | Components Impacted | Sonatype Guide | Sonatype Guide
