CVE-2026-1417

CVSS v3.1

3.3

Low

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions GPAC versions prior to 2.4.0

Description A flaw exists in GPAC due to a null pointer dereference in the dump isom rtp function within the applications/mp4box/filedump.c file. This issue can be triggered locally. The exploit for this issue is publicly available.

Recommendations Apply the patch f96bd57c3ccdcde4335a0be28cd3e8fe296993de.

Exploit

Fix

Improper Resource Release

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-404CWE-476

Related Identifiers

BDU:2026-03620

CVE-2026-1417

Affected Products

Gpac

Red Os

CVE-2026-1417

Weakness Enumeration

Related Identifiers

Affected Products

References · 23