CVE-2026-10629EPSS p3.3%

CVE-2026-10629CVE-2026-10629

Description

SIP signaling stack in Verizon IMS (unspecified version) implements SIP signaling without IPsec integrity protection (missing Security-Client/Security-Server headers and ESP traffic), which allows an on-path attacker to compromise confidentiality, integrity, and authenticity of VoLTE signaling via passive monitoring and active manipulation of unsecured SIP messages over the radio and core network.

Scoring

CVSS 7.4 ()
VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS0.14% probability of exploitation · percentile 3.3% · 2026-06-17T12:03:21Z
Last modified2026-06-03

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-21027
CVE
CVE-2026-0710
CVE
CVE-2026-21025
CVE
CVE-2025-21427
CVE
CVE-2026-50207
CVE
CVE-2026-49203
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.