Vulnerability intelligence
CVE-2026-0826
In certain scenarios when the admin has enabled Interactive Connectivity Establishment (ICE), a buffer overflow could enable remote code execution on Poly Voice products on the Linux platform.
CVSS Score
9.2
Critical
EPSS — Exploit Probability
0.3%
Riskier than 52% of all CVEs
Exploitation
Not in CISA KEV
No federal exploitation record
Remediation
unknown
Check vendor advisories
3 articles across 3 outlets · first covered Jun 2, 2026 · latest Jun 5, 2026
Tracked incidents
Coverage timeline
-
Poly VoIP Phone Vulnerability Revealed with Public Exploit Code Disclosedsecurityonline.info · Jun 5, 2026
-
HP Poly VoIP phones hit by critical RCE flaw CVE-2026-0826securityaffairs.com · Jun 3, 2026
-
Critical Vulnerability in HP VoIP Phones Enables Enterprise Network Breacheswww.securityweek.com · Jun 2, 2026