Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Libsndfile: Critical Memory Leak Vulnerability in Specific Encoder
OESA-2026-1606
Summary
A memory leak issue exists in a specific encoder in Libsndfile, a library used to read and write audio files. This vulnerability could allow an attacker to cause a program using Libsndfile to run out of memory, potentially leading to a crash or other issues. Update to the latest version of Libsndfile to fix the issue.
What to do
- Update libsndfile to version 1.2.2-4.oe2403sp3.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | libsndfile | <= 1.2.2-4.oe2403sp3 | 1.2.2-4.oe2403sp3 |
Original title
libsndfile security update
Original description
Libsndfile is a C library for reading and writing files containing sampled sound such as MS Windows WAV and the Apple/SGI AIFF format through one standard library interface.
Security Fix(es):
Libsndfile <=1.2.2 contains a memory leak vulnerability in the mpeg_l3_encoder_init() function within the mpeg_l3_encode.c file.(CVE-2025-56226)
Security Fix(es):
Libsndfile <=1.2.2 contains a memory leak vulnerability in the mpeg_l3_encoder_init() function within the mpeg_l3_encode.c file.(CVE-2025-56226)
- https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA... Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-56226 Vendor Advisory
Published: 15 Mar 2026 · Updated: 15 Mar 2026 · First seen: 15 Mar 2026