CVE-2025-49088
CVE-2025-49088
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.9EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
25 Dec 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Pexip Infinity 32.0 through 37.1 before 37.2, in certain configurations of OTJ (One Touch Join) for Teams SIP Guest Join, has Improper Input Validation in the OTJ service, allowing a remote attacker to trigger a software abort via a crafted calendar invite, leading to a denial of service.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected products
Pexip · InfinityWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →