CVE-2026-49475

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, a STUN packet whose declared attribute length is shorter than the structure the parser casts to causes the parser to read and write past the end of the attribute, producing an out-of-bounds memory access on the per-leg media buffer. This issue has been patched in version 1.11.0.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/signalwire/freeswitch/releases/tag/v1.11.0	Release Notes
https://github.com/signalwire/freeswitch/security/advisories/GHSA-9j6h-hc95-q926	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:freeswitch:freeswitch:*:*:*:*:*:*:*:*

History

10 Jun 2026, 15:06

Type	Values Removed	Values Added
First Time		Freeswitch freeswitch Freeswitch
CPE		cpe:2.3:a:freeswitch:freeswitch::::::::
References	~~() https://github.com/signalwire/freeswitch/releases/tag/v1.11.0 -~~	() https://github.com/signalwire/freeswitch/releases/tag/v1.11.0 - Release Notes
References	~~() https://github.com/signalwire/freeswitch/security/advisories/GHSA-9j6h-hc95-q926 -~~	() https://github.com/signalwire/freeswitch/security/advisories/GHSA-9j6h-hc95-q926 - Third Party Advisory

09 Jun 2026, 17:17

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-06-09 17:17

Updated : 2026-06-10 15:06

NVD link : CVE-2026-49475

Mitre link : CVE-2026-49475

CVE.ORG link : CVE-2026-49475

JSON object : View

Products Affected

freeswitch

freeswitch

CWE

CWE-20

Improper Input Validation

CWE-125

Out-of-bounds Read

CWE-787

Out-of-bounds Write

7.5 /10