Unrated severityOSV Advisory· Published Jan 9, 2026· Updated Jan 12, 2026
CVE-2025-56225
CVE-2025-56225
Description
fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer dereference in fluid_synth_monopoly.c, that can be triggered when loading an invalid midi file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4v1.1.2, v1.1.3, v1.1.4, …+ 1 more
- (no CPE)range: v1.1.2, v1.1.3, v1.1.4, …
- (no CPE)range: <=2.4.6
- osv-coords2 versionspkg:rpm/opensuse/fluidsynth&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/fluidsynth&distro=openSUSE%20Tumbleweed
< 2.3.5-160000.3.1+ 1 more
- (no CPE)range: < 2.3.5-160000.3.1
- (no CPE)range: < 2.5.2-2.1
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.