Remote Denial of Service Vulnerability in Pion DTLS by Pion
CVE-2026-54908
6.3 MEDIUM
What is CVE-2026-54908?
Pion DTLS, a Go implementation of Datagram Transport Layer Security, is susceptible to a Remote Denial of Service vulnerability. This issue arises from a panic triggered during the parsing of a crafted ECDHE_PSK ServerKeyExchange message, which could potentially disrupt service availability. The vulnerability has been rectified in version 3.1.4, and users are advised to upgrade to this version or newer to mitigate the risk.
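The advisory does not say which field of the message was malformed. As an added illustration (not Pion's code, and not the project's fix), the sketch below parses the ECDHE_PSK ServerKeyExchange layout defined in RFC 5489 and checks every length before slicing, so truncated or inconsistent input returns an error instead of a runtime panic. The type, function, and error names are hypothetical, and the sample bytes are constructed.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// ServerKeyExchangeECDHEPSK is a hypothetical type for this example, not Pion's API.
type ServerKeyExchangeECDHEPSK struct {
	IdentityHint []byte
	NamedCurve   uint16
	PublicKey    []byte
}

var errMalformed = errors.New("server key exchange: malformed or truncated")

// ParseECDHEPSK decodes hint_len(2) | hint | curve_type(1) | named_curve(2) | pub_len(1) | pub.
// Every index into b is preceded by a length check, so no input can cause a slice panic.
func ParseECDHEPSK(b []byte) (*ServerKeyExchangeECDHEPSK, error) {
	if len(b) < 2 {
		return nil, errMalformed
	}
	hintLen := int(binary.BigEndian.Uint16(b))
	b = b[2:]
	if len(b) < hintLen+4 { // hint plus the fixed 4-byte ECDH parameter header
		return nil, errMalformed
	}
	hint := append([]byte(nil), b[:hintLen]...)
	b = b[hintLen:]
	if b[0] != 3 { // ECCurveType named_curve
		return nil, errMalformed
	}
	curve, pubLen := binary.BigEndian.Uint16(b[1:3]), int(b[3])
	b = b[4:]
	if pubLen == 0 || len(b) != pubLen { // reject short, empty, or trailing data
		return nil, errMalformed
	}
	return &ServerKeyExchangeECDHEPSK{hint, curve, append([]byte(nil), b...)}, nil
}

func main() {
	// Constructed sample: hint "hi", named curve 0x001d, 3-byte placeholder public key.
	msg := []byte{0x00, 0x02, 'h', 'i', 0x03, 0x00, 0x1d, 0x03, 0xaa, 0xbb, 0xcc}
	for _, in := range [][]byte{msg, msg[:7], msg[:1]} {
		m, err := ParseECDHEPSK(in)
		fmt.Printf("%d bytes -> %+v, err=%v\n", len(in), m, err)
	}
}
```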
Affected Version(s)
dtls < 3.1.4
