CVE Alert

CVE-2026-54908

UNKNOWN 0.0

Pion DTLS: Denial of service via panic while parsing a crafted ECDHE_PSK ServerKeyExchange message

CVSS Score: 0.0
EPSS Score: 0.3%
EPSS Percentile: 24th

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Versions prior to 3.1.4 are vulnerable to Remote Denial of Service via panic while parsing a crafted ECDHE_PSK ServerKeyExchange message. This issue has been fixed in version 3.1.4.

CWE: CWE-125, CWE-248
Vendor: pion
Product: dtls
Published: Jul 1, 2026
Last Updated: Jul 2, 2026

Affected Versions

pion / dtls
< 3.1.4

References

github.com: https://github.com/pion/dtls/security/advisories/GHSA-wg4g-wm44-ch5j
github.com: https://github.com/pion/dtls/pull/839