CVE-2026-26203

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2026-26203

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-26203.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2026-26203

Aliases

GHSA-p965-mf7j-gwv8

Downstream

UBUNTU-CVE-2026-26203

Published

2026-02-19T19:28:58.859Z

Modified

2026-02-22T00:39:33.267207Z

Severity

5.1 (Medium) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:L CVSS Calculator

Summary

PJSIP's pjmedia-video has use-after-free in H264 packetizer when packetizing fragmented NAL

Details

PJSIP is a free and open source multimedia communication library. Versions prior to 2.17 have a critical heap buffer underflow vulnerability in PJSIP's H.264 packetizer. The bug occurs when processing malformed H.264 bitstreams without NAL unit start codes, where the packetizer performs unchecked pointer arithmetic that can read from memory located before the allocated buffer. Version 2.17 contains a patch for the issue.

Database specific

{
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-416"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/26xxx/CVE-2026-26203.json"
}

References

Affected packages

Git / github.com/pjsip/pjproject

Affected ranges

Type: GIT
Repo: https://github.com/pjsip/pjproject
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

5aee54f09d4f91538d55279d7316591b28fded6c

Affected versions

2.*

2.10

2.11

2.12

2.13

2.14

2.15

2.16

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-26203.json"

vanir_signatures

[
    {
        "digest": {
            "length": 4129.0,
            "function_hash": "17201667839598847074321095779897720326"
        },
        "id": "CVE-2026-26203-896ac51f",
        "source": "https://github.com/pjsip/pjproject/commit/5aee54f09d4f91538d55279d7316591b28fded6c",
        "deprecated": false,
        "signature_version": "v1",
        "target": {
            "file": "pjmedia/src/pjmedia-codec/h264_packetizer.c",
            "function": "pjmedia_h264_packetize"
        },
        "signature_type": "Function"
    },
    {
        "digest": {
            "line_hashes": [
                "282547370237433259569267606523416298495",
                "314816285094826350098175490021559308860",
                "318884502318554741426627007846343873677",
                "3800252603315728545875043015601168317",
                "79033380016967690662629657147282140266",
                "308307021566094354539117619936722724030"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2026-26203-ea4c4be4",
        "source": "https://github.com/pjsip/pjproject/commit/5aee54f09d4f91538d55279d7316591b28fded6c",
        "deprecated": false,
        "signature_version": "v1",
        "target": {
            "file": "pjmedia/src/pjmedia-codec/h264_packetizer.c"
        },
        "signature_type": "Line"
    }
]