CVE-2026-49840

EPSS 0.31%
Veröffentlicht 09.06.2026 16:00:56
Zuletzt bearbeitet 10.06.2026 15:06:24
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

FreeSWITCH: Pre-authentication heap buffer overflow in libesl `Content-Length` parsing

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, esl_recv_event() parses Content-Length with atol() and passes the result straight to malloc(len + 1) with no sign or magnitude check. A malicious or man-in-the-middle ESL peer can send a frame with a negative Content-Length to corrupt the heap of, or crash, any process linked against libesl, before the client has authenticated to that peer. This issue has been patched in version 1.11.1.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 4 Referenzen 5

NVD 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Freeswitch ≫ Freeswitch Version < 1.11.1

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.31%	0.225

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security-advisories@github.com	9.1	3.9	5.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CWE-122 Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

CWE-195 Signed to Unsigned Conversion Error

The product uses a signed primitive and performs a cast to an unsigned primitive, which can produce an unexpected value if the value of the signed primitive can not be represented using an unsigned primitive.

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://github.com/signalwire/freeswitch/security/advisories/GHSA-g597-9fgg-ghg9

Third Party Advisory

https://github.com/signalwire/freeswitch/releases/tag/v1.11.1

Release Notes

https://nvd.nist.gov/vuln/detail/CVE-2026-49840

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-49840

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-49840

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-49840