← volver
CVE-2026-4390

TeamSpeak 3 Server Connection State Management process_resend_queue use after free

CVSS 5.3 MEDIUMEPSS 0.3%CWE-119CWE-416
Vexday Risk Score
33Atención
Decisión SSVC (CISA)
Attend
PoC disponible → seguir de cerca
CVSS 5.3EPSS 0.3%KEV nãoPoC públicaNuclei Metasploit Patch referenciado
Ciclo de vida
09 may 2026PoC pública
27 may 2026Publicada en NVD
Recomendación: Planificar corrección próxima — ya existe PoC pública.
A weakness has been identified in TeamSpeak 3 Server up to 3.13.7. This affects the function process_resend_queue of the component Connection State Management. This manipulation causes use after free. The attack may be initiated remotely. Upgrading to version 3.13.8 is able to mitigate this issue. The affected component should be upgraded.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X
Productos afectados
n/a · TeamSpeak 3 Server
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.