What is CVE-2026-32945?

CVE-2026-32945 is a vulnerability in Pjsip Pjproject, classified under Heap-based Buffer Overflow. Published 2026-03-20.

Is CVE-2026-32945 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Pjsip Pjproject

CVE-2026-32945

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's built-in…

Vulnerability class: Buffer Overflow

EPSS: 0.001 (22.1th percentile) — read the EPSS interpretation.

Affected products

Pjsip Pjproject — versions < 2.17

Weakness classification (CWE)

CWE-122 — Heap-based Buffer Overflow

Public proof-of-concept exploits

JohannesLks/CVE-2026-32945

References

https://github.com/pjsip/pjproject/security/advisories/GHSA-jr2p-p2w4-rr9q (x_refsource_CONFIRM)
https://github.com/pjsip/pjproject/commit/5311aee398ae9d623829a6bad7b679a193c9e199 (x_refsource_MISC)

Frequently asked questions

What is CVE-2026-32945?: CVE-2026-32945 is a vulnerability in Pjsip Pjproject, classified under Heap-based Buffer Overflow. Published 2026-03-20.
Is CVE-2026-32945 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.