CVE-2026-9567 | GPAC up to 2.4.0 MP4Box isom_intern.c MergeFragment null pointer dereference (Issue 3549)

A vulnerability was found in GPAC up to 2.4.0 and classified as problematic. Affected is the function MergeFragment of the file src/isomedia/isom_intern.c of the component MP4Box. The manipulation results in null pointer dereference.

This vulnerability was named CVE-2026-9567. The attack needs to be approached locally. In addition, an exploit is available.

It is advisable to implement a patch to correct this issue.VulDB Recent EntriesRead More