VYPR

Miniaudio

by Mackron

Source repositories

CVEs (4)

  • CVE-2026-32837MedMar 17, 2026
    risk 0.19cvss 4.0epss 0.00

    miniaudio version 0.11.25 and earlier (fixed in commits 1df46ae and 1df46ae) contain a heap out-of-bounds read vulnerability in the WAV BEXT metadata parser that allows attackers to trigger memory access violations by processing crafted WAV files. Attackers can exploit improper…

  • CVE-2024-41147Mar 4, 2025
    risk 0.00cvss epss 0.01

    An out-of-bounds write vulnerability exists in the ma_dr_flac__decode_samples__lpc functionality of Miniaudio miniaudio v0.11.21. A specially crafted .flac file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.

  • CVE-2021-34184Jun 25, 2021
    risk 0.00cvss epss 0.01

    Miniaudio 0.10.35 has a Double free vulnerability that could cause a buffer overflow in ma_default_vfs_close__stdio in miniaudio.h.

  • CVE-2021-34185Jun 25, 2021
    risk 0.00cvss epss 0.01

    Miniaudio 0.10.35 has an integer-based buffer overflow caused by an out-of-bounds left shift in drwav_bytes_to_u32 in miniaudio.h