Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: sangoma Clear
ID Title
CVE-2026-46376 Vulnerability in sangoma (CVE-2026-46376)
vulnerability in sangoma (CVE-2026-46376). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `16.0.45` or later.
CVE-2026-44237 Vulnerability in sangoma (CVE-2026-44237)
vulnerability in sangoma (CVE-2026-44237). Confidential information can be exposed externally. Mitigation: upgrade to `17.0.8` or later.
CVE-2026-44238 SQL Injection in sqli (CVE-2026-44238)
SQL injection in sqli (CVE-2026-44238). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `16.0.50` or later.
CVE-2026-44239 Vulnerability in path-traversal (CVE-2026-44239)
vulnerability in path-traversal (CVE-2026-44239). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `16.0.22` or later.
CVE-2025-64328 KEV [KEV] OS Command Injection in Sangoma freepbx (CVE-2025-64328)
OS command injection in Sangoma freepbx (CVE-2025-64328). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2019-19006 KEV [KEV] Authentication Bypass in Sangoma freepbx (CVE-2019-19006)
authentication bypass in Sangoma freepbx (CVE-2019-19006). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2025-57819 KEV [KEV] SQL Injection in Sangoma freepbx (CVE-2025-57819)
SQL injection in Sangoma freepbx (CVE-2025-57819). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2023-43336 Vulnerability in sangoma (CVE-2023-43336)
vulnerability in sangoma (CVE-2023-43336). Successful exploitation can lead to full system takeover.
CVE-2022-37325 Out-of-Bounds Write in c (CVE-2022-37325)
out-of-bounds write in c (CVE-2022-37325). Risk of unauthorized operations or information disclosure.
CVE-2017-17430 Authentication Bypass in sangoma (CVE-2017-17430)
authentication bypass in sangoma (CVE-2017-17430). Successful exploitation can lead to full system takeover.
CVE-2017-9358 Vulnerability in sangoma (CVE-2017-9358)
vulnerability in sangoma (CVE-2017-9358). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →