Pexip Infinity

14 CVEs affecting Pexip Infinity. Latest disclosed: 2025-12-25. Critical: 0, High: 12.

Top CVEs affecting Pexip Infinity
CVESeverityScorePublishedSummary
CVE-2025-59683High8.22025-12-25Pexip Infinity 15.0 through 38.0 before 38.1 has Improper Access Control in the Secure Scheduler for Exchange service, when used with Office 365 Legacy Exchang…
CVE-2025-66443High7.52025-12-25Pexip Infinity 35.0 through 38.1 before 39.0, in non-default configurations that use Direct Media for WebRTC, has Improper Input Validation in signalling that…
CVE-2025-66379High7.52025-12-25Pexip Infinity before 39.0 has Improper Input Validation in the media implementation, allowing a remote attacker to trigger a software abort via a crafted medi…
CVE-2025-66377High7.52025-12-25Pexip Infinity before 39.0 has Missing Authentication for a Critical Function in a product-internal API, allowing an attacker (who already has access to execut…
CVE-2025-48704High7.52025-12-25Pexip Infinity 35.0 through 37.2 before 38.0 has Improper Input Validation in signalling that allows an attacker to trigger a software abort, resulting in a de…
CVE-2025-32096High7.52025-12-25Pexip Infinity 33.0 through 37.0 before 37.1 has improper input validation in signaling that allows an attacker to trigger a software abort, resulting in a den…
CVE-2025-32095High7.52025-12-25Pexip Infinity before 37.0 has improper input validation in signalling that allows a remote attacker to trigger a software abort via a crafted signalling messa…
CVE-2021-42555High7.52022-01-15Pexip Infinity before 26.2 allows temporary remote Denial of Service (abort) because of missing call-setup input validation.
CVE-2021-35969High7.52022-01-15Pexip Infinity before 26 allows temporary remote Denial of Service (abort) because of missing call-setup input validation.
CVE-2021-33499High7.52022-01-15Pexip Infinity before 26 allows remote denial of service because of missing H.264 input validation (issue 2 of 2).
CVE-2021-33498High7.52022-01-15Pexip Infinity before 26 allows remote denial of service because of missing H.264 input validation (issue 1 of 2).
CVE-2021-32545High7.52022-01-15Pexip Infinity before 26 allows remote denial of service because of missing RTMP input validation.
CVE-2025-66378Medium5.92025-12-25Pexip Infinity 38.0 and 38.1 before 39.0 has insufficient access control in the RTMP implementation, allowing an attacker to disconnect RTMP streams traversing…
CVE-2025-49088Medium5.92025-12-25Pexip Infinity 32.0 through 37.1 before 37.2, in certain configurations of OTJ (One Touch Join) for Teams SIP Guest Join, has Improper Input Validation in the…