Vulnerability in Asterisk

CVE-2026-23741

Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, the asterisk/contrib/scripts/ast_coredumper runs as root, as noted by the NOTES tag on line 689 o…

EPSS: 0.002 (7.0th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References