CVE-2026-2889 | CCExtractor up to 0.96.5 src/lib_ccx/mp4.c processmp4 use after free (Issue 2055)

Full Article URL: https://vuldb.com/?id.347182
Textarea URL (this page): <a href="https://textarea.nl/i/eNrLKCkpKLbS1y8rzUlJ0kvOz9W3z0zRMzYxN7QwAgCQRgj4_2026-02-20">https://textarea.nl/i/eNrLKCkpKLbS1y8rzUlJ0kvOz9W3z0zRMzYxN7QwAgCQRgj4_2026-02-20
Source: https://vuldb.com/?rss.recent
Vuldb: https://vuldb.com
Publication date: 2026-02-20 18:20:15
Last retrieval: 2026-02-20 20:46:15.067537

18:20 - 20 Feb 2026

vuldb.com

A vulnerability identified as problematic has been detected in CCExtractor up to 0.96.5. Affected is the function processmp4 in the library src/lib_ccx/mp4.c. Performing a manipulation results in use after free. This vulnerability is identified as CVE-2026-2889. The attack is only possible with local access. Additionally, an exploit exists. You should upgrade the affected component.

https://vuldb.com/?id.347182

Article info: