OSV-2026-923

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/gpac/OSV-2026-923.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2026-923
Published
2026-06-16T00:14:25.379686Z
Modified
2026-06-16T00:14:25.379985Z
Summary
Heap-use-after-free in gf_node_unregister
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=523799837

Crash type: Heap-use-after-free READ 8
Crash state:
gf_node_unregister
BM_ParseCommand
gf_bifs_flush_command_list
References

Affected packages

OSS-Fuzz / gpac

Package

Name
gpac
Purl
pkg:generic/gpac

Affected ranges

Type
GIT
Repo
https://github.com/gpac/gpac
Events
Introduced
db25e2b53aedd0ed03102cf5029b3aab6b1e7513
Fixed
8ca09c439f738fb4a41402cf71fedd06543d278e

Ecosystem specific 

{
    "severity": "HIGH"
}

Database specific

source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/gpac/OSV-2026-923.yaml"
introduced_range 
"db3815307d1594fc34cb757d4509834a9d2e12bf:bd1d94e70e3bef364c07c5a1d94eca5c9f56e160"