CVE-2023-53874 MEDIUM

CVE-2023-53874: GOM Player 2.3.90.5360 Buffer Overflow via Equalizer Preset Name

Vendor Gomlab
Product GOM Player
Weakness CWE-120
Published December 15, 2025
Last update April 7, 2026

CVSS base score

6.7/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

GOM Player 2.3.90.5360 contains a buffer overflow vulnerability in the equalizer preset name input field that allows attackers to crash the application. Attackers can overwrite the preset name with 260 'A' characters to trigger a buffer overflow and cause application instability.

Key dates

02Disclosure timeline

December 15, 2025 CVE published
April 7, 2026 Record updated