CVE-2026-44353

A flaw was found in Streamlink. Its HLS HTTP Live Streaming and DASH Dynamic Adaptive Streaming over HTTP parsers do not properly validate the URI Uniform Resource Identifier scheme of segment entries. A remote attacker could craft a malicious HLS playlist or DASH manifest to include local file...

CVE-2026-44353

Streamlink is a CLI utility which pipes video streams from various services into a video player. Prior to 8.4.0, Streamlink's HLS and DASH parsers do not validate the URI scheme of segment entries and other resources. A remote .m3u8 HLS playlist or .mpd DASH manifest can list file:///path/to/file...

EUVD-2026-32559

Streamlink is a CLI utility which pipes video streams from various services into a video player. Prior to 8.4.0, Streamlink's HLS and DASH parsers do not validate the URI scheme of segment entries and other resources. A remote .m3u8 HLS playlist or .mpd DASH manifest can list file:///path/to/file...

JLSEC-2025-147 A flaw was found in FFmpeg's DASH playlist support

A flaw was found in FFmpeg's DASH playlist support. This vulnerability allows arbitrary HTTP GET requests to be made on behalf of the machine running FFmpeg via a crafted DASH playlist containing malicious URLs...

CVE-2024-54114

Out-of-bounds access vulnerability in playback in the DASH module Impact: Successful exploitation of this vulnerability will affect availability...