CVE-2026-2889 | CCExtractor up to 0.96.5 src/lib_ccx/mp4.c processmp4 use after free (Issue 2055)

Inserito da Angelo Barbosa | Feb 20, 2026 | CVE

A vulnerability identified as problematic has been detected in CCExtractor up to 0.96.5. Affected is the function processmp4 in the library src/lib_ccx/mp4.c. Performing a manipulation results in use after free.

This vulnerability is identified as CVE-2026-2889. The attack is only possible with local access. Additionally, an exploit exists.

You should upgrade the affected component.

CVE-2026-2889 | CCExtractor up to 0.96.5 src/lib_ccx/mp4.c processmp4 use after free (Issue 2055)

Post correlati

CVE-2025-15009 | liweiyi ChestnutCMS up to 1.5.8 Filename /dev-api/common/upload FilenameUtils.getExtension File unrestricted upload

CVE-2024-23129 | Autodesk AutoCAD/Advance Steel/Civil 3D MODEL File opennurbs.dll memory corruption

CVE-2024-2691 | WP Event Manager Plugin up to 3.1.43 on WordPress Shortcode events cross site scripting

CVE-2025-48051 | Lichess Lila powertip.ts cross site scripting (GHSA-9xhx-p3c5-p4v6)