HIGH
Bzrtp Project
CVE published 2017-01-18
CVE-2016-6271
CVE-2016-6271 is a high-severity flaw in Bzrtp/libbzrtp 1.0.x before 1.0.4. According to NVD, a missing HVI check during DHPart2 packet reception can allow a man-in-the-middle attacker to carry out spoofing attacks. The vulnerability was published on 2017-01-18 and later modified in the NVD record on 2026-05-13; that later date reflects record maintenance, not a new disclosure date.