CVE 2018-9240
ncmpc through 0.29 is prone to a NULL pointer dereference flaw. If a user uses the chat screen and another client sends a long chat message, a crash and denial of service could occur.
See the
CVE page on Mitre.org
for more details.