7338 matches found

Packet Storm
added 2026/04/27 12:0 a.m. | 55 views

thumbler 1.1.2 Command Injection

The thumbler package through version 1.1.2 contains a critical command injection vulnerability in the thumbnail function. User-supplied input parameters (input, output, time, size) are concatenated into a single ffmpeg command string and executed via child_process.exec without proper sanitization. A...

9.8 CVSS | 6.8 AI score | 0.00494 EPSS
Exploits: 4
SUSE CVE
added 2026/04/17 12:4 p.m. | 1 views

SUSE CVE-2026-6385

A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a malicious DVD subtitle stream. This vulnerability is caused by a signed integer overflow in the DVD subtitle parser's fragment reassembly bounds...

6.5 CVSS | 6.1 AI score | 0.00078 EPSS
Exploits: 0 | References: 3
Schneier on Security
added 2026/04/17 11:2 a.m. | 4 views

Mythos and Cybersecurity

Last week, Anthropic pulled back the curtain on Claude Mythos Preview, an AI model so capable at finding and exploiting software vulnerabilities that the company decided it was too dangerous to release to the public. Instead, access has been restricted to roughly 50 organizations--Microsoft, Appl...

5.8 AI score
Exploits: 0
Tenable Nessus
added 2026/04/17 12:0 a.m. | 3 views

FFmpeg <= 8.0.1 Multiple Vulnerabilities

The version of FFmpeg installed on the remote host is 8.0.1 or earlier. It is, therefore, affected by multiple vulnerabilities: - An out-of-bounds read in the read_global_param function (libavcodec/av1dec.c) of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input...

7.5 CVSS | 5.8 AI score | 0.00079 EPSS
Exploits: 3 | References: 7
SUSE CVE
added 2026/04/16 11:27 p.m. | 4 views

SUSE CVE-2026-40962

FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c...

4.9 CVSS | 5.8 AI score | 0.00011 EPSS
Exploits: 0 | References: 3
RedhatCVE
added 2026/04/16 2:40 p.m. | 0 views

CVE-2026-40962

A flaw was found in FFmpeg. This vulnerability, stemming from an integer overflow and a subsequent out-of-bounds write during the processing of Common Encryption (CENC) subsample data, could allow a local attacker to potentially trigger information disclosure, data corruption, or a denial of servic...

9.8 CVSS | 5.8 AI score | 0.00011 EPSS
Exploits: 0 | References: 4
Snyk
added 2026/04/16 3:34 a.m. | 2 views

Integer Overflow or Wraparound

Overview: Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the cenc_scheme_decrypt, cbc1_scheme_decrypt, cens_scheme_decrypt, and cbcs_scheme_decrypt paths in libavformat/mov.c. An attacker can trigger out-of-bounds subsample size validation by supplying a crafted...

9.8 CVSS | 5.7 AI score | 0.00011 EPSS
Exploits: 0 | References: 2
OSV
added 2026/04/16 2:16 a.m. | 2 views

DEBIAN-CVE-2026-40962

FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c...

9.8 CVSS | 5.3 AI score | 0.00011 EPSS
Exploits: 0 | References: 1
NVD
added 2026/04/16 2:16 a.m. | 1 views

CVE-2026-40962

FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c...

9.8 CVSS | 0.00011 EPSS
Exploits: 0 | References: 1
OSV
added 2026/04/16 2:16 a.m. | 0 views

UBUNTU-CVE-2026-40962

FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c...

9.8 CVSS | 5.8 AI score | 0.00011 EPSS
Exploits: 0 | References: 3
UbuntuCve
added 2026/04/16 2:16 a.m. | 1 views

CVE-2026-40962

FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c...

9.8 CVSS | 5.8 AI score | 0.00011 EPSS
Exploits: 0 | References: 2
AlpineLinux
added 2026/04/16 1:33 a.m. | 4 views

CVE-2026-40962

FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c...

9.8 CVSS | 5.8 AI score | 0.00011 EPSS
Exploits: 0 | References: 1
Debian CVE
added 2026/04/16 1:33 a.m. | 2 views

CVE-2026-40962

FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c...

9.8 CVSS | 5.3 AI score | 0.00011 EPSS
Exploits: 0
CVE
added 2026/04/16 1:33 a.m. | 50 views

CVE-2026-40962

CVE-2026-40962 affects FFmpeg before 8.1. It describes an integer overflow that enables a resultant out-of-bounds write via CENC (Common Encryption) subsample data in libavformat/mov.c. The vulnerability concerns the handling of CENC subsample data and can be triggered through code paths in mov.c...

9.8 CVSS | 5.8 AI score | 0.00011 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
EUVD
added 2026/04/16 1:33 a.m. | 1 views

EUVD-2026-23153

FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c...

4.9 CVSS | 5.8 AI score | 0.00011 EPSS
Exploits: 0 | References: 1
Vulnrichment
added 2026/04/16 1:33 a.m. | 2 views

CVE-2026-40962

FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c...

4.9 CVSS | 5.8 AI score | 0.00011 EPSS
Exploits: 0 | References: 1
Cvelist
added 2026/04/16 1:33 a.m. | 30 views

CVE-2026-40962

FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c...

4.9 CVSS | 0.00011 EPSS
Exploits: 0 | References: 1
CNNVD
added 2026/04/16 12:0 a.m. | 6 views

FFmpeg Security Vulnerability

FFmpeg is a complete set of solutions developed by the FFmpeg team for recording, converting, and streaming audio and video. Versions of FFmpeg prior to 8.1 contained security vulnerabilities, which were caused by integer overflows in the processing of CENC sub-sample data, potentially leading to...

9.8 CVSS | 5.8 AI score | 0.00011 EPSS
Exploits: 0 | References: 2
Tenable Nessus
added 2026/04/16 12:0 a.m. | 1 views

Linux Distros Unpatched Vulnerability : CVE-2026-30998

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An improper resource deallocation and closure vulnerability in the tools/zmqsend.c component of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS)...

7.5 CVSS | 5.8 AI score | 0.00071 EPSS
Exploits: 1 | References: 2
Tenable Nessus
added 2026/04/16 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2026-6385

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a malicious DV...

6.5 CVSS | 6.2 AI score | 0.00078 EPSS
Exploits: 0 | References: 3