CVE-2026-1767

A flaw was found in the GNOME localsearch previously known as tracker-miners MP3 Extractor tracker-extract-mp3 component. A remote attacker could exploit this heap buffer overflow vulnerability by providing a specially crafted MP3 file containing malformed ID3 tags. This incorrect length...

Astra Linux - уязвимость в libcue

Libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and earlier are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a CUE sheet from a malicious webpage. Since the file is saved to /Downloads, it...

Low: tracker-miners

Issue Overview: A flaw was found in GNOME localsearch MP3 Extractor. When processing specially crafted MP3 files containing ID3v2.4 tags, a missing bounds check in the extractperformerstags function can lead to a heap buffer overflow. This vulnerability allows a remote attacker to cause a Denial ...

📄 tracker-extract 3.8.2 / tracker-miners 3.x Crash

Proof of concept exploit for tracker-extract version 3.8.2 and tracker-miners version 3.x that demonstrates a crash when parsing oversized or malformed frames from MP3/APEv2 tags...

openSUSE Security Advisory (SUSE-SU-2026:0780-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : tracker-miners (SUSE-SU-2026:0780-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0780-1 advisory. - CVE-2026-1764: heap buffer overflow leads to denial of service or information disclosure when...

Security update for tracker-miners

This update for tracker-miners fixes the following issues: CVE-2026-1764: heap buffer overflow leads to denial of service or information disclosure when parsing MP3 files bsc1257606. CVE-2026-1765: denial of Service and potential information disclosure via crafted MP3 files bsc1257607...

Ubuntu: Security Advisory (USN-8019-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : tracker-miners vulnerabilities (USN-8019-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8019-1 advisory. Fatih elik discovered that tracker-miners incorrectly handled certain malformed MP3 files. An attacker could use this issue to cause...

USN-8019-1 tracker-miners vulnerabilities

Fatih Çelik discovered that tracker-miners incorrectly handled certain malformed MP3 files. An attacker could use this issue to cause tracker-miners to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-8019-1: tracker-miners vulnerabilities

Fatih Çelik discovered that tracker-miners incorrectly handled certain malformed MP3 files. An attacker could use this issue to cause tracker-miners to crash, resulting in a denial of service, or possibly execute arbitrary code...

Linux Distros Unpatched Vulnerability : CVE-2026-1764

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in GNOME localsearch previously known as tracker-miners MP3 Extractor. When processing specially crafted MP3 files containing ID3v2.4 tags, a...

Linux Distros Unpatched Vulnerability : CVE-2026-1767

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the GNOME localsearch previously known as tracker-miners MP3 Extractor tracker- extract-mp3 component. A remote attacker could exploit this...

MiracleLinux 9 : tracker-miners-3.1.2-4.el9_3 (AXSA:2023-7044:02)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-7044:02 advisory. tracker-miners: sandbox escape CVE-2023-5557 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note tha...

MiracleLinux 8 : tracker-miners-2.1.5-2.el8_9.1 (AXSA:2024-7359:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7359:01 advisory. tracker-miners: sandbox escape CVE-2023-5557 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note tha...

PT-2026-6839

Name of the Vulnerable Software and Affected Versions tracker-miners affected versions not specified Description A flaw exists in tracker-miners related to the handling of malformed MP3 files. This issue could allow an attacker to cause tracker-miners to crash, leading to a denial of service. The...

PT-2026-6842

Name of the Vulnerable Software and Affected Versions GNOME affected versions not specified Description A flaw exists in the GNOME localsearch MP3 Extractor, specifically within tracker-miners. Incorrect handling of malformed MP3 files can lead to a denial of service, potentially allowing for...

PT-2026-6841

Name of the Vulnerable Software and Affected Versions tracker-miners affected versions not specified Description A flaw exists in tracker-miners related to the handling of malformed MP3 files. Specifically, the software incorrectly processes certain MP3 files, potentially leading to a denial of...

PT-2026-6840

Name of the Vulnerable Software and Affected Versions GNOME localsearch MP3 Extractor affected versions not specified Description A flaw exists in tracker-miners where it incorrectly processes malformed MP3 files. This can lead to a denial of service, potentially causing the application to crash...

TencentOS Server 3: tracker-miners (TSSA-2023:0320)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0320 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...