4.8

CVE-2026-14801

GPAC TeXML File load_text.c txtin_probe_duration divide by zero

A security vulnerability has been detected in GPAC 26.03-DEV-rev342-g80071f700-master. The impacted element is the function txtin_probe_duration of the file src/filters/load_text.c of the component TeXML File Handler. Such manipulation of the argument txml_timescale leads to divide by zero. An attack has to be approached locally. The name of the patch is 86a5191f2e750c767253e27ed6cfd6d547afebc2. A patch should be applied to remediate this issue.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
Herstellern/a
Produkt GPAC
Version 26.03-DEV-rev342-g80071f700-master
Status affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.11% 0.016
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
cna@vuldb.com 4.8 0 0
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
cna@vuldb.com 3.3 1.8 1.4
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
cna@vuldb.com 1.7 3.1 2.9
AV:L/AC:L/Au:S/C:N/I:N/A:P
CWE-369 Divide By Zero

The product divides a value by zero.

CWE-404 Improper Resource Shutdown or Release

The product does not release or incorrectly releases a resource before it is made available for re-use.

https://github.com/gpac/gpac/
https://vuldb.com/vuln/376395
https://vuldb.com/vuln/376395/cti
https://vuldb.com/cve/CVE-2026-14801
https://vuldb.com/submit/850854
https://github.com/gpac/gpac/issues/3610
https://github.com/gpac/gpac/commit/86a5191f2e750c767253e27ed6cfd6d547afebc2