CVE-2025-55652

MEDIUM NVD

CVSS Score 5.5

Severity MEDIUM

Published Jun 15, 2026

Vendor unknown

Description

A heap buffer overflow in the gf_isom_vp_config_new function (isomedia/avc_ext.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.

References

https://infosec.exchange/@sigdevel/116736829161374790
http://www.openwall.com/lists/oss-security/2026/06/13/4