signalwire

Top products

The 15 most recently published vulnerabilities affecting signalwire.

• CVE-2026-49848FreeSWITCH: Pre-authentication `userVariables` injection in `mod_verto`4.3Jun 9, 2026
• CVE-2026-49847FreeSWITCH: Stack overflow in bundled cJSON parser via deeply nested JSON7.5Jun 9, 2026
• CVE-2026-49843FreeSWITCH: Pre-authentication session eviction via attacker-chosen `sessid` in `mod_verto`5.3Jun 9, 2026
• CVE-2026-49842FreeSWITCH: Pre-authentication bandwidth amplification via `mod_verto` speed-test frames7.5Jun 9, 2026
• CVE-2026-49841FreeSWITCH: Pre-authentication heap buffer overflow in `mod_verto` HTTP POST body read9.8Jun 9, 2026
• CVE-2026-49840FreeSWITCH: Pre-authentication heap buffer overflow in libesl `Content-Length` parsing9.1Jun 9, 2026
• CVE-2026-49475FreeSWITCH: Out-of-bounds memory access in core STUN attribute parsing7.5Jun 9, 2026
• CVE-2026-49472FreeSWITCH includes a vulnerable function, PREFIX(prologTok)() from libexpat5.3Jun 9, 2026
• CVE-2026-45771Freeswitch Denial-of-Service in SIP PUBLISH Requests via XML Entity Expansion7.5Jun 9, 2026
• CVE-2023-51443FreeSWITCH susceptible to Denial of Service via DTLS Hello packets during call initiation7.5Dec 27, 2023
• CVE-2023-40019FreeSWITCH allows authorized users to cause a denial of service attack by sending re-INVITE with SDP containing duplicate codec names7.5Sep 15, 2023
• CVE-2023-40018FreeSWITCH allows remote users to trigger out of bounds write by offering an ICE candidate with unknown component ID7.5Sep 15, 2023
• CVE-2023-32307heap-over-flow and integer-overflow in sofia-sip7.5May 26, 2023
• CVE-2023-22741heap-over-flow in stun_parse_attribute in sofia-sip9.8Jan 19, 2023
• CVE-2022-31003Heap-based Buffer Overflow and Out-of-bounds Write in Sofia-SIP9.1May 31, 2022