CVE-2025-56225

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

09/01/2026

Last modified:

09/01/2026

Description

fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer dereference in fluid_synth_monopoly.c, that can be triggered when loading an invalid midi file.

Impact

References to Advisories, Solutions, and Tools

https://github.com/FluidSynth/fluidsynth/issues/1602
https://github.com/FluidSynth/fluidsynth/pull/1607