Vulnerability Description
A vulnerability was identified in CCExtractor up to 183. This affects the function parse_PAT/parse_PMT in the library src/lib_ccx/ts_tables.c of the component MPEG-TS File Parser. Such manipulation leads to out-of-bounds read. The attack can only be performed from a local environment. The exploit is publicly available and might be used. The name of the patch is fd7271bae238ccb3ae8a71304ea64f0886324925. It is best practice to apply a patch to resolve this issue.
CVSS Score
LOW
Related Weaknesses (CWE)
References
- https://github.com/CCExtractor/ccextractor/
- https://github.com/CCExtractor/ccextractor/commit/fd7271bae238ccb3ae8a71304ea64f
- https://github.com/CCExtractor/ccextractor/issues/2053
- https://github.com/CCExtractor/ccextractor/pull/2057
- https://github.com/oneafter/0123/blob/main/cc1/repro
- https://vuldb.com/?ctiid.344991
- https://vuldb.com/?id.344991
- https://vuldb.com/?submit.753159
- https://vuldb.com/?submit.753160
FAQ
What is CVE-2026-2245?
CVE-2026-2245 is a vulnerability with a CVSS score of 3.3 (LOW). A vulnerability was identified in CCExtractor up to 183. This affects the function parse_PAT/parse_PMT in the library src/lib_ccx/ts_tables.c of the component MPEG-TS File Parser. Such manipulation le...
How severe is CVE-2026-2245?
CVE-2026-2245 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-2245?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.