CVE-2025-60483

Published: Jun 1, 2026

Modified: Jun 1, 2026

PUBLISHED

Description

A NULL pointer dereference in the gf_ac4_pres_b_4_back_channels_present function (/media_tools/av_parsers.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted AC4 file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/gpac/gpac/commit/13eb5b76560aaf7813b865a2ad433258478e2695

https://github.com/gpac/gpac/issues/3302

https://github.com/sigdevel/pocs/blob/main/res/gpac/MP4Box/49/README.md

https://infosec.exchange/@sigdevel/116659111520602254

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-60483

Description

Affected Products

References