cvedb.io
CVE-2026-46470
MEDIUM · CVSS 4
EPSS exploitation probability: 0%
Published 2026-05-14T18:16:50.790 · Last modified 2026-06-17T10:53:41.610

Summary

An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemux_audio_caps function does not sufficiently validate atom data before performing division operations, leading to denial of service due to integer division by zero.

Affected products

freedesktop — gst-plugins-good

Does this affect you?

Add your gear to cvedb and we'll alert you only when freedesktop ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.