gpac
402 tracked vulnerabilities.
CVE-2026-9572
LOW
GPAC MP4Box media.c Media_GetSample memory leak
May 26, 2026
CVSS 3.3
EPSS 0.00
CVE-2026-8124
LOW
GPAC box_code_base.c sidx_box_read allocation of resources
May 08, 2026
CVSS 3.3
EPSS 0.00
CVE-2026-39103
MEDIUM
GPAC <v391dc7f4d234988ea0bc3cc294eb725eddf8f702 - Buffer Overflow
May 05, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-33144
MEDIUM
GPAC MP4Box Heap Buffer Overflow Write in gf_xml_parse_bit_sequence_bs (NHML BS Parsing)
Mar 20, 2026
CVSS 5.8
EPSS 0.00
CVE-2026-27821
HIGH
gpac <= 26.02.0 - Stack-based Buffer Overflow in NHML File Parser
Feb 26, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-1418
MEDIUM
GPAC < 2.4.0 - Out-of-Bounds Write in SRT Subtitle Import
Jan 26, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-1417
LOW
gpac < 2.4.0 - Null Pointer Dereference in dump_isom_rtp Function
Jan 26, 2026
CVSS 3.3
EPSS 0.00
CVE-2026-1416
LOW
gpac < 2.4.0 - Null Pointer Dereference in DumpMovieInfo Function
Jan 26, 2026
CVSS 3.3
EPSS 0.00
CVE-2026-1415
LOW
gpac < 2.4.0 - Null Pointer Dereference in gf_media_export_webvtt_metadata
Jan 26, 2026
CVSS 3.3
EPSS 0.00
CVE-2025-60465
MEDIUM
GPAC Project/MP4Box < 26.02.0 - Denial of Service via Crafted Media File
Jun 25, 2026
CVSS 6.1
EPSS 0.00
CVE-2025-60464
HIGH
GPAC Project/MP4Box < 26.02.0 - Use-After-Free in gf_sei_load_from_state_internal
Jun 25, 2026
CVSS 7.8
EPSS 0.00
CVE-2025-60473
MEDIUM
GPAC Project/MP4Box < 26.02.0 - Denial of Service via Crafted File in gf_filter_in_parent_chain
Jun 25, 2026
CVSS 5.5
EPSS 0.00
CVE-2025-60466
MEDIUM
GPAC Project/MP4Box < 26.02.0 - Use-After-Free in gf_filter_pid_get_packet
Jun 25, 2026
CVSS 5.0
EPSS 0.00
CVE-2025-60474
HIGH
GPAC Project/MP4Box < 26.02.0 - Denial of Service via gf_media_import Buffer Overflow
Jun 24, 2026
CVSS 7.5
EPSS 0.01
CVE-2025-60467
HIGH
GPAC Project/MP4Box < 26.02.0 - Use-After-Free in gf_filter_pid_inst_swap_delete_task
Jun 24, 2026
CVSS 7.5
EPSS 0.01
CVE-2025-60468
MEDIUM
GPAC MP4Box 2.5-DEV-rev1593-gfe88c3545-master - Use-After-Free in gf_filter_pid_inst_swap_delete_task
Jun 24, 2026
CVSS 5.5
EPSS 0.00
CVE-2025-60471
MEDIUM
GPAC Project/MP4Box < 26.02.0 - Use-After-Free in gf_filter_pid_reconfigure_task_discard
Jun 24, 2026
CVSS 5.5
EPSS 0.00
CVE-2025-55639
MEDIUM
GPAC MP4Box 2.4 - Denial of Service via Crafted MP4 File
Jun 23, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-55663
MEDIUM
GPAC MP4Box 2.4 - Denial of Service via Crafted MP4 File
Jun 15, 2026
CVSS 5.5
EPSS 0.00
CVE-2025-55661
MEDIUM
GPAC MP4Box 2.4 - Heap-based Buffer Overflow in Opus Audio Stream Parser
Jun 15, 2026
CVSS 5.5
EPSS 0.00
CVE-2025-55660
MEDIUM
GPAC MP4Box 2.4 - Denial of Service via Crafted MP4 File
Jun 15, 2026
CVSS 5.5
EPSS 0.00
CVE-2025-55652
MEDIUM
GPAC MP4Box 2.4 - Heap-based Buffer Overflow in gf_isom_vp_config_new
Jun 15, 2026
CVSS 5.5
EPSS 0.00
CVE-2025-55650
MEDIUM
GPAC MP4Box 2.4 - Denial of Service via Heap Use-After-Free in gf_node_get_tag
Jun 15, 2026
CVSS 5.5
EPSS 0.00
CVE-2025-55649
MEDIUM
GPAC MP4Box 2.4 - Denial of Service via Crafted MP4 File
Jun 15, 2026
CVSS 5.5
EPSS 0.00
CVE-2025-55648
MEDIUM
GPAC MP4Box 2.4 - Denial of Service via Crafted MP4 File
Jun 15, 2026
CVSS 5.5
EPSS 0.00
Quick Filters