CVE-2026-14801
Severity CVSS v4.0:
MEDIUM
Type:
CWE-369
Divide By Zero
Publication date:
06/07/2026
Last modified:
06/07/2026
Description
A security vulnerability has been detected in GPAC 26.03-DEV-rev342-g80071f700-master. The impacted element is the function txtin_probe_duration of the file src/filters/load_text.c of the component TeXML File Handler. Such manipulation of the argument txml_timescale leads to divide by zero. An attack has to be approached locally. The name of the patch is 86a5191f2e750c767253e27ed6cfd6d547afebc2. A patch should be applied to remediate this issue.
Impact
Base Score 4.0
4.80
Severity 4.0
MEDIUM
Base Score 3.x
3.30
Severity 3.x
LOW
Base Score 2.0
1.70
Severity 2.0
LOW
References to Advisories, Solutions, and Tools
- https://github.com/gpac/gpac/
- https://github.com/gpac/gpac/commit/86a5191f2e750c767253e27ed6cfd6d547afebc2
- https://github.com/gpac/gpac/issues/3610
- https://vuldb.com/cve/CVE-2026-14801
- https://vuldb.com/submit/850854
- https://vuldb.com/vuln/376395
- https://vuldb.com/vuln/376395/cti
- https://github.com/gpac/gpac/issues/3610



