CVE-2025-56225

Опубликовано: 09 янв. 2026

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer dereference in fluid_synth_monopoly.c, that can be triggered when loading an invalid midi file.

Ссылки

https://github.com/FluidSynth/fluidsynth/issues/1602
Exploit
Issue Tracking
https://github.com/FluidSynth/fluidsynth/pull/1607
Issue Tracking
https://github.com/FluidSynth/fluidsynth/issues/1602
Exploit
Issue Tracking

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:fluidsynth:fluidsynth:*:*:*:*:*:*:*:*

Версия до 2.4.6 (включая)

EPSS

Процентиль: 14%

0.00046

Низкий

7.5 High

CVSS3

Дефекты

CWE-476

Связанные уязвимости

CVE-2025-56225

CVSS3: 7.5

ubuntu

29 дней назад

fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer dereference in fluid_synth_monopoly.c, that can be triggered when loading an invalid midi file.

CVE-2025-56225

CVSS3: 7.5

debian

29 дней назад

fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer de ...

GHSA-qgg6-hj2r-3x43

CVSS3: 7.5

github

29 дней назад

fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer dereference in fluid_synth_monopoly.c, that can be triggered when loading an invalid midi file.

EPSS

Процентиль: 14%

0.00046

Низкий

7.5 High

CVSS3

Дефекты

CWE-476