📦 Pexip Infinity

Pexip Infinity installations before version 39.0 have an internal API vulnerability where critical functions lack authentication. This allows an attacker who already has code execution on one node to ...

CVE-2025-66379 is an improper input validation vulnerability in Pexip Infinity's media implementation that allows remote attackers to trigger a software abort via crafted media streams, causing denial...

Pexip Infinity versions 35.0 through 38.1 have an improper input validation vulnerability in WebRTC signaling when using non-default Direct Media configurations. Attackers can trigger a software abort...

Pexip Infinity versions 33.0 through 37.0 have improper input validation in signaling that allows attackers to trigger a software abort, causing denial of service. This affects all deployments running...

Pexip Infinity versions 35.0 through 37.2 have an improper input validation vulnerability in signalling that allows attackers to trigger a software abort, causing denial of service. This affects all d...

Pexip Infinity versions 15.0 through 38.0 have an improper access control vulnerability in the Secure Scheduler for Exchange service when using Office 365 Legacy Exchange Tokens. This allows remote at...

CVE-2025-32095 is an improper input validation vulnerability in Pexip Infinity's signaling component that allows remote attackers to trigger a software abort via crafted signaling messages, causing de...

CVE-2024-37917 is an improper input validation vulnerability in Pexip Infinity video conferencing software that allows remote attackers to cause a denial of service (software crash) by sending special...

Pexip Infinity before version 31.2 has improper input validation in signaling components, allowing remote attackers to trigger an abort condition. This affects all Pexip Infinity deployments running v...

CVE-2022-23228 is an improper WebRTC input validation vulnerability in Pexip Infinity that allows unauthenticated remote attackers to cause denial of service by consuming excessive resources. This aff...

Pexip Infinity versions 38.0 and 38.1 have an insufficient access control vulnerability in their RTMP implementation. This allows attackers to disconnect RTMP streams passing through Proxy Nodes, pote...

This vulnerability in Pexip Infinity's OTJ service allows remote attackers to cause denial of service by sending specially crafted calendar invites. Systems running Pexip Infinity versions 32.0 throug...

Pexip Infinity before version 34.1 has an improper access control vulnerability in waiting rooms. Unadmitted participants can view the conference roster and perform unauthorized actions before being g...