CVE-2026-2245 - Vulnerability Details

- CCExtractor MPEG-TS File ts_tables.c parse_PMT out-of-bounds

Description

A vulnerability was identified in CCExtractor up to 183. This affects the function parse_PAT/parse_PMT in the library src/lib_ccx/ts_tables.c of the component MPEG-TS File Parser. Such manipulation leads to out-of-bounds read. The attack can only be performed from a local environment. The exploit is publicly available and might be used. The name of the patch is fd7271bae238ccb3ae8a71304ea64f0886324925. It is best practice to apply a patch to resolve this issue.

Published: 2026-02-09

Score: 4.8 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The vulnerability resides in the parse_PAT and parse_PMT functions of CCExtractor’s MPEG‑TS file parser, causing an out-of-bounds read when processing malformed program association and program map tables. Because the read occurs on data supplied from an MPEG‑TS source, an attacker could extract that memory, resulting in disclosure of sensitive information but not code execution or modification. The weakness aligns with CWE‑119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE‑125 (Out-of-bounds Read).

Affected Systems

CCExtractor versions up to 183 are affected, specifically the src/lib_ccx/ts_tables.c module that parses MPEG‑TS files. The vulnerability is present until the patch identified by commit fd7271bae238ccb3ae8a71304ea64f0886324925 is applied, after which the out-of-bounds read is resolved.

Risk and Exploitability

With a CVSS score of 4.8, the impact is moderate, and the EPSS score of less than 1% indicates a low probability of exploitation. The vulnerability is not listed in the CISA KEV catalog, but the exploit code is publicly available and might be used. The attack vector is local; the attacker must supply a crafted MPEG‑TS file to the vulnerable process. While the attack cannot bypass local privilege restrictions, it can compromise confidentiality for the running user.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

CCExtractor

affected

Version	Status	Constraints
`183`	affected	—

No data.

Vendor Product Confidence Versions

Ccextractor

—

Version	Status	Scheme	Platform
`183`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Update CCExtractor to the patched version containing commit fd7271bae238ccb3ae8a71304ea64f0886324925 or later.
If updating is not immediately possible, restrict execution of the CCExtractor binary to trusted users and prevent unauthenticated local users from providing custom MPEG‑TS inputs.
Implement additional validation or size limits on input data to mitigate the effect of malformed tables before they reach the parsing logic.

Generated by OpenCVE AI on April 18, 2026 at 18:14 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Access Vector Local

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00018.

Exploitation poc

Automatable no

Technical Impact partial

References

Link	Providers
https://github.com/CCExtractor/ccextractor/
https://github.com/CCExtractor/ccextractor/commit/fd7271bae238ccb3ae8a71304ea64f0886324925
https://github.com/CCExtractor/ccextractor/issues/2053
https://github.com/CCExtractor/ccextractor/pull/2057
https://github.com/oneafter/0123/blob/main/cc1/repro
https://vuldb.com/?ctiid.344991
https://vuldb.com/?id.344991
https://vuldb.com/?submit.753159
https://vuldb.com/?submit.753160

History

Tue, 10 Feb 2026 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 10 Feb 2026 15:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Ccextractor Ccextractor ccextractor
Vendors & Products		Ccextractor Ccextractor ccextractor

Mon, 09 Feb 2026 19:30:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability was identified in CCExtractor up to 183. This affects the function parse_PAT/parse_PMT in the library src/lib_ccx/ts_tables.c of the component MPEG-TS File Parser. Such manipulation leads to out-of-bounds read. The attack can only be performed from a local environment. The exploit is publicly available and might be used. The name of the patch is fd7271bae238ccb3ae8a71304ea64f0886324925. It is best practice to apply a patch to resolve this issue.
Title		CCExtractor MPEG-TS File ts_tables.c parse_PMT out-of-bounds
Weaknesses		CWE-119 CWE-125
References		https://github.com/CCExtractor/ccextractor/ https://github.com/CCExtractor/ccextractor/commit/fd7271bae238ccb3ae8a71304ea64f0886324925 https://github.com/CCExtractor/ccextractor/issues/2053 https://github.com/CCExtractor/ccextractor/pull/2057 https://github.com/oneafter/0123/blob/main/cc1/repro https://vuldb.com/?ctiid.344991 https://vuldb.com/?id.344991 https://vuldb.com/?submit.753159 https://vuldb.com/?submit.753160
Metrics		cvssV2_0 `{'score': 1.7, 'vector': 'AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C'}` cvssV3_0 `{'score': 3.3, 'vector': 'CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C'}` cvssV3_1 `{'score': 3.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C'}` cvssV4_0 `{'score': 4.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P'}`

Subscriptions

Ccextractor Ccextractor

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-02-09T19:02:10.417Z

Updated: 2026-02-23T10:00:52.166Z

Reserved: 2026-02-09T12:10:11.207Z

Link: CVE-2026-2245

Vulnrichment

Updated: 2026-02-10T20:04:06.793Z

NVD

Status : Deferred

Published: 2026-02-09T20:15:59.270

Modified: 2026-04-15T00:35:42.020

Link: CVE-2026-2245

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T18:15:06Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Access Vector Local

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Exploitation poc

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object