No advisories yet.
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Thu, 09 Jul 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 09 Jul 2026 13:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability was determined in GPAC 26.03-DEV. This affects the function vobsub_read_idx of the file /src/media_tools/vobsub.c of the component MP4Box. Executing a manipulation of the argument num_langs can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. This patch is called 532097084729a936bcdf6a27c41003f3bd7dc3ff. It is best practice to apply a patch to resolve this issue. Two different commits were applied to fix this issue. | |
| Title | GPAC MP4Box vobsub.c vobsub_read_idx out-of-bounds | |
| First Time appeared |
Gpac
Gpac gpac |
|
| Weaknesses | CWE-119 CWE-125 |
|
| CPEs | cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Gpac
Gpac gpac |
|
| References |
|
|
| Metrics |
cvssV2_0
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-07-09T12:30:08.948Z
Reserved: 2026-07-09T05:03:19.664Z
Link: CVE-2026-15185
Updated: 2026-07-09T14:41:32.532Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-09T14:45:05Z