Security Advisories

Stay up to date with the latest security advisories for the
Asterisk Project.

ast_loggrabber executes python script in world writable directory(`/tmp`) leading to potential privilege escalation And RCE: (GHSA-xgj6-2gc5-5x9c)

June 25, 2026

LDAP Filter Injection in res_config_ldap via SIP Username (Unauthenticated Information Disclosure): (GHSA-r6c2-hwc2-j4mp)

June 25, 2026

SQL Injection in cel_pgsql and cel_tds via CELGenUserEvent eventtype Field: (GHSA-ph27-3m5q-mj5m)

June 25, 2026

Heap Buffer Overflow in OGG/Speex File Playback (format_ogg_speex): (GHSA-8jhw-m2hg-vp3h)

June 25, 2026

Stack buffer overflow in MWI NOTIFY Message-Account parsing: (GHSA-589g-qgf8-m6mx)

June 25, 2026

What can we help you find?