CNNVD-202601-1627 Information

CNNVD ID

CNNVD-202601-1627

Related CVE

CVE-2025-56225

• CNNVD Published: 2026-01-09

Description (Chinese)

fluidsynth是fluidsynth开源的一个应用系统。用于通过使用SoundFont通过读取和处理MIDI输入设备中的MIDI事件来生成音频。 fluidsynth 2.4.6及之前版本存在安全漏洞，该漏洞源于加载无效MIDI文件时可能触发空指针取消引用。

Description (English)

Fluidsynth is an application system for the open source of fluidsynth. To generate audio by using SoundFont to read and process MIDI input devices. There is a security loophole in the fluidsynth 2.4.6 and earlier versions, which stems from the possibility that the empty pointer may be triggered when loading invalid MIDI files.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

fluidsynth

Published

2026-01-09

Last Modified

2026-02-24

References

https://github.com/FluidSynth/fluidsynth/issues/1602 https://github.com/FluidSynth/fluidsynth/pull/1607