CVE-2026-4390
TeamSpeak 3 Server Connection State Management process_resend_queue use after free
CVSS Score
5.4
EPSS Score
0.0%
EPSS Percentile
0th
A weakness has been identified in TeamSpeak 3 Server up to 3.13.7. This affects the function process_resend_queue of the component Connection State Management. This manipulation causes use after free. The attack may be initiated remotely. Upgrading to version 3.13.8 is able to mitigate this issue. The affected component should be upgraded.
| CWE | CWE-416 CWE-119 |
| Vendor | n/a |
| Product | teamspeak 3 server |
| Published | May 27, 2026 |
| Last Updated | May 27, 2026 |
Stay Ahead of the Next One
Get instant alerts for n/a teamspeak 3 server
Be the first to know when new medium vulnerabilities affecting n/a teamspeak 3 server are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:X/RL:O/RC:C Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
n/a / TeamSpeak 3 Server
3.13.0 3.13.1 3.13.2 3.13.3 3.13.4 3.13.5 3.13.6 3.13.7
References
vuldb.com: https://vuldb.com/vuln/366314 vuldb.com: https://vuldb.com/vuln/366314/cti modzero.com: https://modzero.com/en/advisories/mz-26-01-teamspeak/ files.teamspeak-services.com: https://files.teamspeak-services.com/docs/security/TS-SA-2026-001.html teamspeak.com: https://www.teamspeak.com/en/downloads/#server
Credits
Michael Imfeld (modzero)