CVE-2026-24807

🗓️ 27 Jan 2026 08:43:51Reported by GovTech CSGType

CVE-2026-24807: Buffer overflow in quick-media SeekableOutputStream from signature verification bug; before v1.0.

Reporter	Title	Published	Views	Family All 15
ATTACKERKB	CVE-2026-24807	27 Jan 202608:43	–	attackerkb
Circl	CVE-2026-24807	27 Jan 202609:19	–	circl
CNNVD	Quick-Media security vulnerabilities	27 Jan 202600:00	–	cnnvd
Cvelist	CVE-2026-24807 Buffer Overflow Vulnerability in liuyueyi/quick-media	27 Jan 202608:43	–	cvelist
EUVD	EUVD-2026-17691	1 Apr 202600:31	–	euvd
EUVD	EUVD-2026-4759	27 Jan 202608:43	–	euvd
Github Security Blog	Quick-Media Batik Codec FIX Package has Buffer Overflow Vulnerability in PNG Codec	27 Jan 202609:30	–	github
NVD	CVE-2026-24807	27 Jan 202609:15	–	nvd
OSV	GHSA-23F4-HFMQ-94MJ Quick-Media Batik Codec FIX Package has Buffer Overflow Vulnerability in PNG Codec	27 Jan 202609:30	–	osv
Positive Technologies	PT-2026-4882	27 Jan 202600:00	–	ptsecurity

[
  {
    "collectionURL": "https://github.com/liuyueyi/quick-media",
    "defaultStatus": "unaffected",
    "modules": [
      "plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/util"
    ],
    "product": "quick-media",
    "programFiles": [
      "SeekableOutputStream.java"
    ],
    "vendor": "liuyueyi",
    "versions": [
      {
        "lessThan": "v1.0",
        "status": "affected",
        "version": "0",
        "versionType": "git"
      }
    ]
  }
]

Source	Link
github	www.github.com/liuyueyi/quick-media/pull/123
github	www.github.com/github/advisory-database/pull/7438
github	www.github.com/liuyueyi/quick-media/pull/123
github	www.github.com/css4j/echosvg/discussions/137

06 May 2026 17:16Current

5.9Medium risk

Vulners AI Score5.9

CVSS 45.3

EPSS0.00015

SSVC

CWE-347