PT-2025-7601 · Libming · Libming

Xuhxxo · Published 2025-02-20 · Updated 2025-02-24 · CVE-2025-26310

CVSS v3.1: 6.5 Medium

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions
libming version 0.4.8

Description
Multiple memory leaks have been identified in the ABC file parsing functions, specifically in parseABC_CONSTANT_POOL and parseABC_FILE, which allow attackers to cause a denial of service via a crafted ABC file. The issue is related to the util/parser.c file in libming.

Recommendations
For libming version 0.4.8, consider disabling the parseABC_CONSTANT_POOL and parseABC_FILE functions as a temporary workaround to prevent potential denial of service attacks until a patch is available. Restrict access to the vulnerable util/parser.c module to minimize the risk of exploitation. Avoid processing crafted ABC files that could trigger the memory leaks in the affected functions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Information Disclosure

Weakness Enumeration

Related Identifiers: CVE-2025-26310

Affected Products: Libming