CVE-2026-4743

MEDIUM

Null-Pointer Dereference Vulnerability in taurusxin/ncmdump

Title source: cna

Description

NULL Pointer Dereference vulnerability in taurusxin ncmdump (‎src/utils‎ modules). This vulnerability is associated with program files cJSON.Cpp‎. This issue affects ncmdump: before 1.4.0.

References (1)

[Patch] https://github.com/taurusxin/ncmdump/pull/52

Scores

CVSS v4 5.2

EPSS 0.0002

EPSS Percentile 5.7%

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/S:N/AU:N/R:U/V:D/RE:L/U:Green

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (1)

taurusxin/ncmdump < 1.4.0

Published Mar 24, 2026

Tracked Since Mar 24, 2026