Summaryinfo

A vulnerability was found in taurusxin ncmdump up to 1.3.x. It has been declared as problematic. This impacts an unknown function of the file cJSON.Cpp. The manipulation results in null pointer dereference. This vulnerability is known as CVE-2026-4743. Attacking locally is a requirement. No exploit is available. It is recommended to upgrade the affected component.

Detailsinfo

A vulnerability was found in taurusxin ncmdump up to 1.3.x. It has been classified as problematic. Affected is some unknown processing of the file cJSON.Cpp. The manipulation with an unknown input leads to a null pointer dereference vulnerability. CWE is classifying the issue as CWE-476. A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit. This is going to have an impact on availability. CVE summarizes:

NULL Pointer Dereference vulnerability in taurusxin ncmdump (‎src/utils‎ modules). This vulnerability is associated with program files cJSON.Cpp‎. This issue affects ncmdump: before 1.4.0.

The advisory is shared for download at github.com. This vulnerability is traded as CVE-2026-4743 since 03/24/2026. The exploitability is told to be easy. The attack needs to be approached locally. There are known technical details, but no exploit is available.

Upgrading to version 1.4.0 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Productinfo

Vendor

• taurusxin

Name

• ncmdump

Version

• 1.0
• 1.1
• 1.2
• 1.3

Website

• Product: https://github.com/taurusxin/ncmdump/

CPE 2.3info

• 🔒
• 🔒
• 🔒

CPE 2.2info

• 🔒
• 🔒
• 🔒

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion