VYPR
Medium severity5.5NVD Advisory· Published Jun 1, 2026· Updated Jun 2, 2026

CVE-2025-60481

CVE-2025-60481

Description

A NULL pointer dereference in the gf_odf_ac4_cfg_dsi_v1 function (/odf/descriptors.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted AC4 file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1

Patches

Vulnerability mechanics

References

5

News mentions

1