CVE-2026-14790 - CERT CVE
ID CVE-2026-14790
Sažetak A flaw has been found in GPAC 26.02.0. This affects the function nhmldump_send_frame of the file src/filters/write_nhml.c of the component Media File Handler. Executing a manipulation can lead to null pointer dereference. The attack requires local access. The exploit has been published and may be used. This patch is called bd1d94e70e3bef364c07c5a1d94eca5c9f56e160. A patch should be applied to remediate this issue. The project explains: "I would consider most of these more as bugs than vulns but anyway they're good to fix".
Reference
CVSS
Base: 1.7
Impact: 2.9
Exploitability:3.1
Pristup
VektorSloženostAutentikacija
LOCAL LOW SINGLE
Impact
PovjerljivostCjelovitostDostupnost
NONE NONE PARTIAL
CVSS vektor AV:L/AC:L/Au:S/C:N/I:N/A:P
Zadnje važnije ažuriranje 06-07-2026 - 18:02
Objavljeno 06-07-2026 - 03:16