CVE-2026-54908
Pion DTLS: Denial of service via panic while parsing a crafted ECDHE_PSK ServerKeyExchange message
CVSS Score
0.0
EPSS Score
0.3%
EPSS Percentile
24th
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Versions prior to 3.1.4 are vulnerable to Remote Denial of Service via panic while parsing a crafted ECDHE_PSK ServerKeyExchange message. This issue has been fixed in version 3.1.4.
| CWE | CWE-125 CWE-248 |
| Vendor | pion |
| Product | dtls |
| Published | Jul 1, 2026 |
| Last Updated | Jul 2, 2026 |
Stay Ahead of the Next One
Get instant alerts for pion dtls
Be the first to know when new unknown vulnerabilities affecting pion dtls are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
pion / dtls
< 3.1.4