CVE-2026-1416

CVSS v3.1

3.3

Low

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions GPAC versions up to 2.4.0

Description A security flaw exists in GPAC due to a null pointer dereference in the DumpMovieInfo function located in the applications/mp4box/filedump.c file. This manipulation can be initiated locally. The exploit for this issue has been publicly released and may be used in attacks.

Recommendations Implement the patch d45c264c20addf0c1cc05124ede33f8ffa800e68 to correct this issue.

Exploit

Fix

NULL Pointer Dereference

Improper Resource Release

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476CWE-404

Related Identifiers

BDU:2026-03619

CVE-2026-1416

Affected Products

Gpac

Red Os

CVE-2026-1416

Weakness Enumeration

Related Identifiers

Affected Products

References · 22