{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-39864", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-04-07T19:13:20.379Z", "datePublished": "2026-04-08T19:58:08.565Z", "dateUpdated": "2026-04-08T20:19:53.226Z"}, "containers": {"cna": {"title": "Kamailio Auth: Processing Vulnerability For Additional Authenticated User Identity Checks", "problemTypes": [{"descriptions": [{"cweId": "CWE-125", "lang": "en", "description": "CWE-125: Out-of-bounds Read", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/kamailio/kamailio/security/advisories/GHSA-6m86-m342-g48m", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/kamailio/kamailio/security/advisories/GHSA-6m86-m342-g48m"}], "affected": [{"vendor": "kamailio", "product": "kamailio", "versions": [{"version": "< 5.8.7", "status": "affected"}, {"version": ">= 6.0.0, < 6.0.5", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-08T19:58:08.565Z"}, "descriptions": [{"lang": "en", "value": "Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.0.5 and 5.8.7, an out-of-bounds read in the auth module of Kamailio (formerly OpenSER and SER) allows remote attackers to cause a denial of service (process crash) via a specially crafted SIP packet if a successful user authentication without a database backend is followed by additional user identity checks. This vulnerability is fixed in 6.0.5 and 5.8.7."}], "source": {"advisory": "GHSA-6m86-m342-g48m", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-08T20:19:26.241924Z", "id": "CVE-2026-39864", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-08T20:19:53.226Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-39864", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-08T20:19:26.241924Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-08T20:19:37.794Z"}}], "cna": {"title": "Kamailio Auth: Processing Vulnerability For Additional Authenticated User Identity Checks", "source": {"advisory": "GHSA-6m86-m342-g48m", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "kamailio", "product": "kamailio", "versions": [{"status": "affected", "version": "< 5.8.7"}, {"status": "affected", "version": ">= 6.0.0, < 6.0.5"}]}], "references": [{"url": "https://github.com/kamailio/kamailio/security/advisories/GHSA-6m86-m342-g48m", "name": "https://github.com/kamailio/kamailio/security/advisories/GHSA-6m86-m342-g48m", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.0.5 and 5.8.7, an out-of-bounds read in the auth module of Kamailio (formerly OpenSER and SER) allows remote attackers to cause a denial of service (process crash) via a specially crafted SIP packet if a successful user authentication without a database backend is followed by additional user identity checks. This vulnerability is fixed in 6.0.5 and 5.8.7."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-08T19:58:08.565Z"}}}, "cveMetadata": {"cveId": "CVE-2026-39864", "state": "PUBLISHED", "dateUpdated": "2026-04-08T20:19:53.226Z", "dateReserved": "2026-04-07T19:13:20.379Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-04-08T19:58:08.565Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:kamailio:kamailio:*:*:*:*:*:*:*:*", "matchCriteriaId": "DFE6E387-8DDD-4EE6-B837-CEB94BBDE3A4", "versionEndExcluding": "5.8.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:kamailio:kamailio:*:*:*:*:*:*:*:*", "matchCriteriaId": "68C6ED5C-A7BF-4C85-B46C-56F3B478B37B", "versionEndExcluding": "6.0.5", "versionStartIncluding": "6.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.0.5 and 5.8.7, an out-of-bounds read in the auth module of Kamailio (formerly OpenSER and SER) allows remote attackers to cause a denial of service (process crash) via a specially crafted SIP packet if a successful user authentication without a database backend is followed by additional user identity checks. This vulnerability is fixed in 6.0.5 and 5.8.7."}], "id": "CVE-2026-39864", "lastModified": "2026-04-15T16:06:29.670", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 0.7, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-04-08T20:16:26.700", "references": [{"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/kamailio/kamailio/security/advisories/GHSA-6m86-m342-g48m"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,5.8.7)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[6.0.0,6.0.5)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "kamailio", "source": "cna", "vendor": "kamailio"}, "product": "kamailio", "vendor": "kamailio"}], "analysis": {"en": {"generated_at": "2026-04-08T21:25:40.027634+00:00", "value": {"mitigation_remediation": ["Upgrade Kamailio to at least version 6.0.5 or 5.8.7 to eliminate the out\u2011of\u2011bounds read.", "Ensure that authentication is configured to use a database backend, or verify that additional identity checks are not performed after a successful login if no backend is used.", "If an immediate upgrade is not possible, isolate the Kamailio server from untrusted networks and monitor for abnormal SIP traffic, applying firewall rules to drop suspicious packets until the patch is applied."], "summary": {"action": "Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "The vulnerability affects Kamailio versions earlier than 6.0.5 and 5.8.7. The affected component is the auth module of the SIP signaling server. Systems running Kamailio 6.x prior to 6.0.5 or 5.x before 5.8.7 are at risk, regardless of the deployment environment.", "description_and_impact": "An out\u2011of\u2011bounds read in the auth module of Kamailio allows an attacker to force the SIP server to crash. The flaw becomes exploitable when a user authenticates successfully without a database backend and then additional identity checks are performed. The result is a process crash that leads to a denial of service. This issue is a classic out\u2011of\u2011bounds read problem, classified under CWE\u2011125.", "risk_and_exploitability": "The CVSS score of 4.4 indicates moderate severity. EPSS information is not available, so the exploitation probability is unclear. The vulnerability is not listed in the CISA KEV catalog, suggesting no known active exploitation at this time. The likely attack vector is a remote attacker sending a specially crafted SIP packet after a successful authentication, though the description does not explicitly state the network context, it is inferred that the attack requires remote network access to the Kamailio server."}}}}, "created": "2026-04-09T08:18:09.311353+00:00", "updated": "2026-04-09T08:27:31.745979+00:00", "vendors": ["kamailio", "kamailio$PRODUCT$kamailio"]}