Use After Free Vulnerability in TeamSpeak 3 Server by TeamSpeak
CVE-2026-4390

5.3MEDIUM

Key Information:

Vendor: TeamSpeak
Status: Teamspeak 3 Server
Vendor: CVE Published:; 27 May 2026

What is CVE-2026-4390?

A vulnerability has been discovered in the TeamSpeak 3 Server, specifically in the process_resend_queue functionality of the Connection State Management component. This weakness leads to a use after free condition, which can be exploited by an attacker remotely, potentially compromising system integrity. Users are advised to upgrade to version 3.13.8 or later to prevent any exploitation of this vulnerability. Maintaining updated software is crucial for safeguarding against potential attacks.

Affected Version(s)

TeamSpeak 3 Server 3.13.0

TeamSpeak 3 Server 3.13.1

TeamSpeak 3 Server 3.13.2

References

https://vuldb.com/vuln/366314

vdb-entrytechnical-description

https://vuldb.com/vuln/366314/cti

signaturepermissions-required

https://modzero.com/en/advisories/mz-26-01-teamspeak/

CVSS V4

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 27, 2026
Vulnerability Reserved
Mar 18, 2026

Credit

Michael Imfeld (modzero)

CVE-2026-4390 Data

JSON