1. Home
  2. Vulnerabilities
  3. CVE-2025-65102
0.0
NA
CVE-2025-65102
PJSIP is vulnerable to buffer overflow in Opus PLC
Description

PJSIP is a free and open source multimedia communication library. Prior to version 2.16, Opus PLC may zero-fill the input frame as long as the decoder ptime, while the input frame length, which is based on stream ptime, may be less than that. This issue affects PJSIP users who use the Opus audio codec in receiving direction. The vulnerability can lead to unexpected application termination due to a memory overwrite. This issue has been patched in version 2.16.

INFO

Published Date :

Nov. 21, 2025, 9:36 p.m.

Last Modified :

Nov. 21, 2025, 9:36 p.m.

Remotely Exploit :

No

Source :

GitHub_M
Affected Products

The following products are affected by CVE-2025-65102 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

No affected product recoded yet

: Total Affected Vendor : 0 | Products : 0
Solution
Update PJSIP to version 2.16 or later to fix a memory overwrite vulnerability.
  • Update PJSIP to version 2.16 or later.
  • Ensure Opus audio codec is configured securely.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2025-65102 vulnerability anywhere in the article.

Results are limited to the first 20 news articles due to potential performance issues.

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
Vulnerability Scoring Details
No CVSS metrics available for this vulnerability.