CVE-2026-4392

TeamSpeak 3 Server clientek Handshake assertion

CVSS 6.9 MEDIUMEPSS 0.4%CWE-617

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 6.9EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado

Lifecycle

27 May 2026Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

A vulnerability was detected in TeamSpeak 3 Server up to 3.13.7. This issue affects some unknown processing of the component clientek Handshake Handler. Performing a manipulation of the argument proof results in reachable assertion. Remote exploitation of the attack is possible. Upgrading to version 3.13.8 is capable of addressing this issue. Upgrading the affected component is recommended.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X

Affected products

n/a · TeamSpeak 3 Server

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://files.teamspeak-services.com/docs/security/TS-SA-2026-001.html https://modzero.com/en/advisories/mz-26-01-teamspeak/https://vuldb.com/vuln/366316 https://vuldb.com/vuln/366316/cti https://www.teamspeak.com/en/downloads/#server