OSV-2026-855

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/gpac/OSV-2026-855.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2026-855
Published
2026-06-05T00:09:54.701201Z
Modified
2026-06-05T14:24:22.703720Z
Summary
Heap-use-after-free in gf_sg_reset
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=519588196

Crash type: Heap-use-after-free READ 8
Crash state:
gf_sg_reset
gf_sg_del
fuzz_scene.c
References

Affected packages

OSS-Fuzz / gpac

Package

Name
gpac
Purl
pkg:generic/gpac

Affected ranges

Type
GIT
Repo
https://github.com/gpac/gpac
Events
Introduced
297f2d8d1f493d8b241330533cd47f7da758aeb3
Fixed
db3815307d1594fc34cb757d4509834a9d2e12bf
Introduced
be6e8a95e6fe02267f4960adffb3e6115bd5cb4a

Affected versions

abi-16.*
abi-16.17

Ecosystem specific 

{
    "severity": "HIGH"
}

Database specific

source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/gpac/OSV-2026-855.yaml"
introduced_range 
"8f5b302439e9ac08f92faeef18c1d97cc77698bf:1d334557b18021a3aef3d17e1e72a0808d3e4e46"