Memory Overwrite Vulnerability in PJSIP Affecting Opus Audio Codec
CVE-2025-65102

8.7HIGH

Key Information:

Vendor: Pjsip
Status: Pjproject
Vendor: CVE Published:; 21 November 2025

What is CVE-2025-65102?

A vulnerability exists in PJSIP, a widely used multimedia communication library, where improper handling of the Opus audio codec can lead to a memory overwrite. Specifically, when processing audio streams, the decoder's ptime may conflict with varying input frame lengths, resulting in the potential zero-filling of input frames. This can cause unexpected application termination, posing a significant risk to users relying on the Opus codec for audio transmission. The issue has been addressed in version 2.16 of PJSIP, and users are strongly encouraged to update to this version to mitigate any security risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

pjproject < 2.16

References

https://github.com/pjsip/pjproject/security/advisories/GH...

x_refsource_CONFIRM

https://github.com/pjsip/pjproject/commit/6e9bd2e7d25bba2...

x_refsource_MISC

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Nov 21, 2025
Vulnerability Reserved
Nov 17, 2025

JSON

Pjsip

What is CVE-2025-65102?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.