2 matches found
CVE-2026-33144
GPAC MP4Box has a heap-based out-of-bounds write vulnerability in the gf_xml_parse_bit_sequence_bs function (utils/xml_bin_custom.c) when processing crafted NHML files containing BitSequence () elements. The issue exists prior to commit 86b0e36 and can be triggered by a specially crafted NHML fil...
CVE-2026-33144
GPAC is an open-source multimedia framework. Prior to commit 86b0e36, a heap-based buffer overflow write vulnerability was discovered in GPAC MP4Box. The vulnerability exists in the gfxmlparsebitsequencebs function in utils/xmlbincustom.c when processing a crafted NHML file containing malicious...