CVE-2026-1110

MEDIUM

cijliu librtsp <2ec1a81ad65280568a0c7c16420d7c10fde13b04 - Buffer O...

Title source: llm

Description

A flaw has been found in cijliu librtsp up to 2ec1a81ad65280568a0c7c16420d7c10fde13b04. This affects the function rtsp_parse_method. This manipulation causes buffer overflow. It is possible to launch the attack on the local host. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way.

References (4)

Core 4

Core References

Permissions Required, VDB Entry vdb-entry technical-description

https://vuldb.com/?id.341702

Permissions Required, VDB Entry signature permissions-required

https://vuldb.com/?ctiid.341702

Permissions Required, VDB Entry third-party-advisory

https://vuldb.com/?submit.732603

Various Sources related

https://github.com/fizz-is-on-the-way/vuls_protocol/blob/main/librtsp_rtsp_parse_method/librtsp_rtsp_parse_method.md

View Writeup ZIP pw:eip

Scores

CVSS v3 5.3

EPSS 0.0026

EPSS Percentile 17.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-119 CWE-120

Status published

Products (1)

cijliu/librtsp < 2021-03-14

Published Jan 18, 2026

Tracked Since Feb 18, 2026