Stack Buffer Overflow in GPAC MP4Box Affects Multimedia Processing
CVE-2025-52292

7.5HIGH

Key Information:

Vendor: GPAC
Status: MP4Box
Vendor: CVE Published:; 9 June 2026

What is CVE-2025-52292?

A vulnerability exists in the GPAC MP4Box version 2.4 due to a stack buffer overflow in the filein_process function (in_file.c). This can be exploited by attackers through crafted MP4 files, potentially leading to a Denial of Service (DoS) situation, impacting the functionality and availability of the multimedia processing capabilities.

References

https://infosec.exchange/@sigdevel/116707273214520860

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 9, 2026
Vulnerability Reserved
Jun 16, 2025

CVE-2025-52292 Data

JSON