PT-2026-56798 · Gpac · Gpac

Fantasy_2026

·

Published

2026-07-09

·

Updated

2026-07-09

·

CVE-2026-15185

CVSS v3.1

3.3

Low

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Name of the Vulnerable Software and Affected Versions GPAC version 26.03-DEV
Description An issue exists in the MP4Box component within the vobsub read idx() function of the /src/media tools/vobsub.c file. A local attacker can trigger an out-of-bounds read by manipulating the num langs argument. An out-of-bounds read occurs when a program reads data past the end of the intended buffer, potentially exposing sensitive information from memory.
Recommendations Apply the patch 532097084729a936bcdf6a27c41003f3bd7dc3ff to version 26.03-DEV.

Exploit

Fix

Buffer Overflow

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-15185

Affected Products

Gpac