gpac

372 tracked vulnerabilities.

CVE-2026-8124 LOW
GPAC box_code_base.c sidx_box_read allocation of resources
May 08, 2026
CVSS 3.3
EPSS 0.00
CVE-2026-33144 MEDIUM
GPAC MP4Box Heap Buffer Overflow Write in gf_xml_parse_bit_sequence_bs (NHML BS Parsing)
Mar 20, 2026
CVSS 5.8
EPSS 0.00
CVE-2026-27821 HIGH
gpac <= 26.02.0 - Stack-based Buffer Overflow in NHML File Parser
Feb 26, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-1418 MEDIUM
GPAC < 2.4.0 - Out-of-Bounds Write in SRT Subtitle Import
Jan 26, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-1417 LOW
gpac < 2.4.0 - Null Pointer Dereference in dump_isom_rtp Function
Jan 26, 2026
CVSS 3.3
EPSS 0.00
CVE-2026-1416 LOW
gpac < 2.4.0 - Null Pointer Dereference in DumpMovieInfo Function
Jan 26, 2026
CVSS 3.3
EPSS 0.00
CVE-2026-1415 LOW
gpac < 2.4.0 - Null Pointer Dereference in gf_media_export_webvtt_metadata
Jan 26, 2026
CVSS 3.3
EPSS 0.00
CVE-2025-70303 MEDIUM
GPAC 2.4.0 - Denial of Service via Crafted MP4 File
Jan 15, 2026
CVSS 5.5
EPSS 0.00
CVE-2025-70302 MEDIUM
GPAC 2.4.0 - Denial of Service via Heap Overflow in ghi_dmx_declare_opid_bin
Jan 15, 2026
CVSS 5.5
EPSS 0.00
CVE-2025-70307 HIGH
GPAC 2.4.0 - Denial of Service via Crafted Packet in dump_ttxt_sample
Jan 15, 2026
CVSS 7.5
EPSS 0.00
CVE-2025-70299 MEDIUM
GPAC 2.4.0 - Denial of Service via Crafted AVI File
Jan 15, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-70310 MEDIUM
GPAC 2.4.0 - Denial of Service via Crafted OGG File in vorbis_to_intern()
Jan 15, 2026
CVSS 5.5
EPSS 0.00
CVE-2025-70309 MEDIUM
GPAC 2.4.0 - Denial of Service via Crafted WAV File
Jan 15, 2026
CVSS 5.5
EPSS 0.00
CVE-2025-70308 HIGH
GPAC 2.4.0 - Denial of Service via GSF Demuxer Filter Out-of-Bounds Read
Jan 15, 2026
CVSS 7.5
EPSS 0.00
CVE-2025-70305 MEDIUM
GPAC 2.4.0 - Denial of Service via Crafted .saf File
Jan 15, 2026
CVSS 5.5
EPSS 0.00
CVE-2025-70304 HIGH
GPAC 2.4.0 - Denial of Service via vobsub_get_subpic_duration Buffer Overflow
Jan 15, 2026
CVSS 7.5
EPSS 0.00
CVE-2025-70298 HIGH
GPAC 2.4.0 - Out-of-bounds Read in oggdmx_parse_tags
Jan 15, 2026
CVSS 8.2
EPSS 0.00
CVE-2025-7797 MEDIUM
GPAC <2.4 - Null Pointer Dereference
Jul 18, 2025
CVSS 5.3
EPSS 0.01
CVE-2025-25723 HIGH
GPAC 2.5 - Buffer Overflow
Feb 28, 2025
CVSS 8.4
EPSS 0.00
CVE-2024-57184 MEDIUM
GPAC v0.8.0 - Heap-Based Buffer Overflow in gf_m2ts_process_pmt
Jan 24, 2025
CVSS 5.5
EPSS 0.00
CVE-2024-50665 MEDIUM
gpac 2.4 - NULL Pointer Dereference in isom_cenc_get_sai_by_saiz_saio
Jan 23, 2025
CVSS 5.5
EPSS 0.00
CVE-2024-50664 HIGH
gpac 2.4 - Heap-Based Buffer Overflow in gf_isom_new_mpha_description
Jan 23, 2025
CVSS 7.8
EPSS 0.00
CVE-2024-6064 MEDIUM
GPAC 2.5-DEV-rev228-g11067ea92-master - Use-After-Free in MP4Box xmt_node_end Function
Jun 17, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-6063 LOW
GPAC 2.5-DEV-rev228-g11067ea92-master - Null Pointer Dereference in MP4Box m2tsdmx_on_event Function
Jun 17, 2024
CVSS 3.3
EPSS 0.00
CVE-2024-6062 LOW
GPAC 2.5-DEV-rev228-g11067ea92-master - Null Pointer Dereference in MP4Box swf_svg_add_iso_sample Function
Jun 17, 2024
CVSS 3.3
EPSS 0.00
Products
gpac 368 mp4box 4
Quick Filters
Critical CVEs With Exploits In CISA KEV