Known Vulnerabilities for products from Gpac

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Gpac".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-50810 json Not Provided 2026-07-07 2026-07-09
CVE-2026-39103 json Buffer Overflow vulnerability in GPAC before commit v391dc7f4d234988ea0bc3cc294eb725eddf8f702 allows an attacker to cause a d... Not Provided 2026-05-05 2026-05-29
CVE-2026-33144 json GPAC is an open-source multimedia framework. Prior to commit 86b0e36, a heap-based buffer overflow (write) vulnerability was ... Not Provided 2026-03-20 2026-04-14
CVE-2026-15185 json Not Provided 2026-07-09 2026-07-09
CVE-2026-14801 json Not Provided 2026-07-06 2026-07-06
CVE-2026-14790 json Not Provided 2026-07-06 2026-07-06
CVE-2026-13523 json Not Provided 2026-06-29 2026-06-29
CVE-2026-9572 json A security vulnerability has been detected in GPAC up to 2.4.0. Affected by this issue is the function Media_GetSample of the... Not Provided 2026-05-26 2026-05-28
CVE-2026-9567 json Not Provided 2026-05-26 2026-05-26
CVE-2026-8124 json A security vulnerability has been detected in GPAC up to 26.02.0. This affects the function sidx_box_read of the file src/iso... Not Provided 2026-05-08 2026-05-14
CVE-2026-7135 json Not Provided 2026-04-27 2026-04-27
CVE-2026-1418 json A security vulnerability has been detected in GPAC up to 2.4.0. This affects the function gf_text_import_srt_bifs of the file... Not Provided 2026-01-26 2026-04-29
CVE-2026-1417 json A weakness has been identified in GPAC up to 2.4.0. Affected by this issue is the function dump_isom_rtp of the file applicat... Not Provided 2026-01-26 2026-04-29
CVE-2026-1416 json A security flaw has been discovered in GPAC up to 2.4.0. Affected by this vulnerability is the function DumpMovieInfo of the ... Not Provided 2026-01-26 2026-04-29
CVE-2026-1415 json A vulnerability was identified in GPAC up to 2.4.0. Affected is the function gf_media_export_webvtt_metadata of the file src/... Not Provided 2026-01-26 2026-04-29
CVE-2025-60474 json A buffer overflow in the gf_media_import function (/media_tools/av_parsers.c) of GPAC Project/MP4Box before 26.02.0 allows at... Not Provided 2026-06-24 2026-06-29
CVE-2025-60473 json A NULL pointer dereference in the gf_filter_in_parent_chain function (/filter_core/filter_pid.c) of GPAC Project/MP4Box befor... Not Provided 2026-06-25 2026-06-29
CVE-2025-60471 json A use-after-free in the gf_filter_pid_reconfigure_task_discard function (/filter_core/filter_pid.c) of GPAC Project/MP4Box be... Not Provided 2026-06-24 2026-06-29
CVE-2025-60468 json GPAC Multimedia Open Source Project GPAC Project/MP4Box 2.5-DEV-rev1593-gfe88c3545-master is affected by: Buffer Overflow. Th... Not Provided 2026-06-24 2026-06-26
CVE-2025-60467 json A use-after-free in the gf_filter_pid_inst_swap_delete_task function (/filter_core/filter_pid.c) of GPAC Project/MP4Box befor... Not Provided 2026-06-24 2026-06-29

Known software with vulnerabilities from Gpac

Type Vendor Product Version
ApplicationGpacGpac0.5.2
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report