CVE-2026-49475

Published: Jun 9, 2026Modified: Jun 10, 2026

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: security-advisories@github.com (Secondary)

Description

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, a STUN packet whose declared attribute length is shorter than the structure the parser casts to causes the parser to read and write past the end of the attribute, producing an out-of-bounds memory access on the per-leg media buffer. This issue has been patched in version 1.11.0.

Affected (1)

Products: Freeswitch: Freeswitch

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Freeswitch Freeswitch	Before 1.11.0

Related CWEs

Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

https://github.com/signalwire/freeswitch/releases/tag/v1.11.0

Source: security-advisories@github.com

Release Notes

https://github.com/signalwire/freeswitch/security/advisories/GHSA-9j6h-hc95-q926

Source: security-advisories@github.com

Third Party Advisory

Timeline

No history available yet.