CVE-2026-2889 in CCExtractorinfo

Zusammenfassung

von MITRE • 22.02.2026

A vulnerability was detected in CCExtractor up to 0.96.5. Affected is the function processmp4 in the library src/lib_ccx/mp4.c. Performing a manipulation results in use after free. The attack is only possible with local access. The exploit is now public and may be used. Upgrading to version 0.96.6 is able to address this issue. The patch is named fd7271bae238ccb3ae8a71304ea64f0886324925. You should upgrade the affected component.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

VulDB

Veröffentlichung

22.02.2026

Moderieren

akzeptiert

Eintrag

VDB-347182

CPE

bereit

CWE

CWE-416 (bestätigt)

Exploit

Download

CVSS

3.3 (CNA)

EPSS

0.00018

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-2889
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-2889
CVE Details	https://www.cvedetails.com/cve/CVE-2026-2889/

◂ Zurück Übersicht Weiter ▸

Want to know what is going to be exploited?

We predict KEV entries!