CVE-2026-41416— PJSIP: Asymmetric ptime integer overflow in Media Stream

AI Predicted 7.5 Difficulty: Moderate EPSS 0.06% · P17 Updated Apr 27, 2026

Possible ATT&CK Techniques 1AI

T1190 · Exploit Public-Facing Application

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-41416

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

PJSIP: Asymmetric ptime integer overflow in Media Stream

Source: NVD (National Vulnerability Database)

Vulnerability Description

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is an integer overflow in media stream buffer size calculation when processing SDP with asymmetric ptime configuration. The overflow may result in an undersized buffer allocation, which can lead to unexpected application termination or memory corruption This vulnerability is fixed in 2.17.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

整数溢出或超界折返

Source: NVD (National Vulnerability Database)

Vulnerability Title

PJSIP 输入验证错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

PJSIP是pjsip开源的一个免费和开源的多媒体通信库，用C语言编写，实现基于标准的协议，如SIP, SDP, RTP, STUN, TURN，和ICE。 PJSIP 2.16及之前版本存在输入验证错误漏洞，该漏洞源于处理SDP时媒体流缓冲区大小计算整数溢出，可能导致缓冲区分配不足。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
pjsip	pjproject	< 2.17	-

II. Public POCs for CVE-2026-41416

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-41416

请登录查看更多情报信息。

Patches & Fixes for CVE-2026-41416 (1)

Fixed potential ptime integer overflow calculation in audio stream (#… · pjsip/pjproject@66fe416 · GitHubx_refsource_MISC

Vendor Advisories for CVE-2026-41416 (1)

Asymmetric ptime integer overflow in Media Stream · Advisory · pjsip/pjproject · GitHubx_refsource_CONFIRM

https://nvd.nist.gov/vuln/detail/CVE-2026-41416

IV. Related Vulnerabilities

Same product: pjproject

Same vendor: pjsip

Same weakness: CWE-190

V. Comments for CVE-2026-41416

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-41416— PJSIP: Asymmetric ptime integer overflow in Media Stream

Possible ATT&CK Techniques 1AI

I. Basic Information for CVE-2026-41416

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-41416

III. Intelligence Information for CVE-2026-41416

Patches & Fixes for CVE-2026-41416 (1)

Vendor Advisories for CVE-2026-41416 (1)

IV. Related Vulnerabilities

V. Comments for CVE-2026-41416

Leave a comment