{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-39863", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-04-07T19:13:20.379Z", "datePublished": "2026-04-08T19:55:56.632Z", "dateUpdated": "2026-04-09T13:52:38.030Z"}, "containers": {"cna": {"title": "Kamailio Core: TCP Data Processing Vulnerability", "problemTypes": [{"descriptions": [{"cweId": "CWE-119", "lang": "en", "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/kamailio/kamailio/security/advisories/GHSA-2wj4-f825-2h2f", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/kamailio/kamailio/security/advisories/GHSA-2wj4-f825-2h2f"}], "affected": [{"vendor": "kamailio", "product": "kamailio", "versions": [{"version": "< 5.8.8", "status": "affected"}, {"version": ">= 6.0.0, < 6.0.6", "status": "affected"}, {"version": ">= 6.1.0, < 6.1.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-08T19:55:56.632Z"}, "descriptions": [{"lang": "en", "value": "Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.1.1, 6.0.6, and 5.8.8, an out-of-bounds access in the core of Kamailio (formerly OpenSER and SER) allows remote attackers to cause a denial of service (process crash) via a specially crafted data packet sent over TCP. The issue impacts Kamailio instances having TCP or TLS listeners. This vulnerability is fixed in 5.1.1, 6.0.6, and 5.8.8."}], "source": {"advisory": "GHSA-2wj4-f825-2h2f", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-09T13:52:31.304154Z", "id": "CVE-2026-39863", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-09T13:52:38.030Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-39863", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-09T13:52:31.304154Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-09T13:52:34.946Z"}}], "cna": {"title": "Kamailio Core: TCP Data Processing Vulnerability", "source": {"advisory": "GHSA-2wj4-f825-2h2f", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "kamailio", "product": "kamailio", "versions": [{"status": "affected", "version": "< 5.8.8"}, {"status": "affected", "version": ">= 6.0.0, < 6.0.6"}, {"status": "affected", "version": ">= 6.1.0, < 6.1.1"}]}], "references": [{"url": "https://github.com/kamailio/kamailio/security/advisories/GHSA-2wj4-f825-2h2f", "name": "https://github.com/kamailio/kamailio/security/advisories/GHSA-2wj4-f825-2h2f", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.1.1, 6.0.6, and 5.8.8, an out-of-bounds access in the core of Kamailio (formerly OpenSER and SER) allows remote attackers to cause a denial of service (process crash) via a specially crafted data packet sent over TCP. The issue impacts Kamailio instances having TCP or TLS listeners. This vulnerability is fixed in 5.1.1, 6.0.6, and 5.8.8."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-119", "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-08T19:55:56.632Z"}}}, "cveMetadata": {"cveId": "CVE-2026-39863", "state": "PUBLISHED", "dateUpdated": "2026-04-09T13:52:38.030Z", "dateReserved": "2026-04-07T19:13:20.379Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-04-08T19:55:56.632Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:kamailio:kamailio:*:*:*:*:*:*:*:*", "matchCriteriaId": "3B40580E-F077-4ECD-A293-C5376753A14F", "versionEndExcluding": "5.8.8", "vulnerable": true}, {"criteria": "cpe:2.3:a:kamailio:kamailio:*:*:*:*:*:*:*:*", "matchCriteriaId": "EEF7235B-DFA7-4445-81F2-490609E9FCD6", "versionEndExcluding": "6.0.6", "versionStartIncluding": "6.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:kamailio:kamailio:6.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "4A33A90A-7EC3-407F-BD7B-E13A2617B59D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.1.1, 6.0.6, and 5.8.8, an out-of-bounds access in the core of Kamailio (formerly OpenSER and SER) allows remote attackers to cause a denial of service (process crash) via a specially crafted data packet sent over TCP. The issue impacts Kamailio instances having TCP or TLS listeners. This vulnerability is fixed in 5.1.1, 6.0.6, and 5.8.8."}], "id": "CVE-2026-39863", "lastModified": "2026-04-15T15:58:04.747", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-08T20:16:26.550", "references": [{"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/kamailio/kamailio/security/advisories/GHSA-2wj4-f825-2h2f"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,5.8.8)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[6.0.0,6.0.6)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[6.1.0,6.1.1)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "kamailio", "source": "cna", "vendor": "kamailio"}, "product": "kamailio", "vendor": "kamailio"}], "analysis": {"en": {"generated_at": "2026-04-08T22:29:25.899630+00:00", "value": {"mitigation_remediation": ["Upgrade Kamailio to version 5.1.1, 6.0.6, 5.8.8, or any later release that includes the patch for the out-of-bounds access.", "Verify that all active TCP or TLS listeners are running the updated binaries and that no legacy configurations or older binaries remain in use.", "If an upgrade cannot be performed immediately, temporarily block inbound traffic on the TCP/TLS ports that the Kamailio instance listens on until a patched version is deployed."], "summary": {"action": "Patch Immediately", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "Kamailio installations running any version older than 6.1.1, 6.0.6, or 5.8.8 are vulnerable, provided the server has a TCP or TLS listener enabled. The vulnerability was fixed in releases 5.1.1, 6.0.6, and 5.8.8; therefore any newer build that incorporates these updates is not affected.", "description_and_impact": "The Kamailio SIP server core contains an out-of-bounds memory access that allows remote attackers to trigger a process crash by sending a specially crafted packet over TCP or TLS. This flaw, classified as a buffer overflow (CWE-119), results in a denial of service that removes the instance from service and disrupts SIP signaling for all connected clients.", "risk_and_exploitability": "The CVSS base score of 7.5 indicates a high severity denial-of-service flaw. EPSS data is not available, and the issue does not appear in CISA\u2019s KEV catalog, implying no publicly known exploitation. Based on the description, it is inferred that an attacker needs only network connectivity to the exposed TCP/TLS port to send the malformed packet and trigger the crash."}}}}, "created": "2026-04-09T08:18:10.326541+00:00", "updated": "2026-04-09T08:27:32.719279+00:00", "vendors": ["kamailio", "kamailio$PRODUCT$kamailio"]}