CVE-2026-4015

Name of the Vulnerable Software and Affected Versions GPAC version 26.03-DEV

Description A weakness exists in GPAC 26.03-DEV within the TeXML File Parser component. Specifically, the txtin process texml function in the src/filters/load text.c file is susceptible to a stack-based buffer overflow when processing manipulated data. The attack can be launched locally. The exploit for this issue is publicly available. The patch identified as d29f6f1ada5cc284cdfa783b6f532c7d8bd049a5 addresses this issue.

Recommendations Apply the patch d29f6f1ada5cc284cdfa783b6f532c7d8bd049a5 to resolve this issue.