PT-2026-56798 · Gpac · Gpac
Fantasy_2026
·
Published
2026-07-09
·
Updated
2026-07-09
·
CVE-2026-15185
CVSS v3.1
3.3
Low
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
GPAC version 26.03-DEV
Description
An issue exists in the MP4Box component within the
vobsub read idx() function of the /src/media tools/vobsub.c file. A local attacker can trigger an out-of-bounds read by manipulating the num langs argument. An out-of-bounds read occurs when a program reads data past the end of the intended buffer, potentially exposing sensitive information from memory.Recommendations
Apply the patch 532097084729a936bcdf6a27c41003f3bd7dc3ff to version 26.03-DEV.
Exploit
Fix
Buffer Overflow
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Gpac