CVE Catalog

CVE-2026-0129

LowCVSS 3.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.17%

6th percentile — higher than 6% of all known CVEs

Summary

In RtcpByePacket::decodeByePacket, there is a possible vulnerability due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed.

Risk Assessment

This vulnerability could allow attackers to gain access to sensitive information, posing a threat to the organization's data security. User interaction is needed for exploitation.

Recommendation

It is recommended to implement proper bounds checking in the code and to monitor user activity to detect potential attempts to exploit this vulnerability.

Original NVD description (English source)

In RtcpByePacket::decodeByePacket, there is a possible due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS