Heap-Based Buffer Overflow in TeamSpeak 3 Server by TeamSpeak
CVE-2026-4391

6.9MEDIUM

Key Information:

Vendor: TeamSpeak
Status: Teamspeak 3 Server
Vendor: CVE Published:; 27 May 2026

What is CVE-2026-4391?

A security vulnerability has been identified in TeamSpeak 3 Server versions up to 3.13.7, stemming from an issue within the ECC Key Parser component. Attackers can exploit this vulnerability, potentially leading to a heap-based buffer overflow, which could be triggered remotely. Users are strongly advised to upgrade to version 3.13.8 to mitigate these risks and ensure the security of their system.

Affected Version(s)

TeamSpeak 3 Server 3.13.0

TeamSpeak 3 Server 3.13.1

TeamSpeak 3 Server 3.13.2

References

https://vuldb.com/vuln/366315

vdb-entry

https://vuldb.com/vuln/366315/cti

signaturepermissions-required

https://modzero.com/en/advisories/mz-26-01-teamspeak/

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 27, 2026
Vulnerability Reserved
Mar 18, 2026

Credit

Michael Imfeld (modzero)

CVE-2026-4391 Data

JSON