CVE-2026-4391

Summary

A security vulnerability has been detected in TeamSpeak 3 Server up to 3.13.7. This vulnerability affects unknown code of the component ECC Key Parser. Such manipulation leads to heap-based buffer overflow. The attack may be launched remotely. Upgrading to version 3.13.8 is able to resolve this issue. It is suggested to upgrade the affected component.

Affected Software

VendorProductVersion RangeStatus
n/aTeamSpeak 3 Server3.13.0affected
n/aTeamSpeak 3 Server3.13.1affected
n/aTeamSpeak 3 Server3.13.2affected
n/aTeamSpeak 3 Server3.13.3affected
n/aTeamSpeak 3 Server3.13.4affected
n/aTeamSpeak 3 Server3.13.5affected
n/aTeamSpeak 3 Server3.13.6affected
n/aTeamSpeak 3 Server3.13.7affected
n/aTeamSpeak 3 Server3.13.8unaffected

Weaknesses

  • CWE-122: Heap-based Buffer Overflow
  • CWE-119: Memory Corruption

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: partial

References