Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Windows WAV and AIFF File Handler Has Memory Leak
OESA-2026-1603
Summary
Libsndfile, a library used by many audio applications, has a flaw that can cause memory issues when handling certain audio files. This could potentially lead to a denial-of-service or data corruption. Update to version 1.2.3 or later to fix the issue.
What to do
- Update libsndfile to version 1.2.2-4.oe2403.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | libsndfile | <= 1.2.2-4.oe2403 | 1.2.2-4.oe2403 |
Original title
libsndfile security update
Original description
Libsndfile is a C library for reading and writing files containing sampled sound such as MS Windows WAV and the Apple/SGI AIFF format through one standard library interface.
Security Fix(es):
Libsndfile <=1.2.2 contains a memory leak vulnerability in the mpeg_l3_encoder_init() function within the mpeg_l3_encode.c file.(CVE-2025-56226)
Security Fix(es):
Libsndfile <=1.2.2 contains a memory leak vulnerability in the mpeg_l3_encoder_init() function within the mpeg_l3_encode.c file.(CVE-2025-56226)
- https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA... Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-56226 Vendor Advisory
Published: 15 Mar 2026 · Updated: 15 Mar 2026 · First seen: 15 Mar 2026