What is the CVSS score of CVE-2025-6663?

CVE-2025-6663 has a CVSS 3.0 base score of 7.8 (High). CVSS vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of Gstreamer are affected by CVE-2025-6663?

CVE-2025-6663 presents notable security risk, a stack-based buffer overflow vulnerability rated CVSS 7.8.. A patch is available.

How to fix or mitigate CVE-2025-6663?

Within 7 days: Identify all affected systems and apply vendor patches promptly. If patching is delayed, consider network segmentation to limit exposure.

Gstreamer CVE-2025-6663

EUVD-2025-20240 HIGH

Stack-based Buffer Overflow (CWE-121)

2025-07-07 zdi-disclosures@trendmicro.com

RCE Buffer Overflow Stack Overflow Red Hat Gstreamer

7.8

CVSS 3.0

CVSS VectorNVD

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

EUVD ID Assigned

Mar 16, 2026 - 03:37 euvd

EUVD-2025-20240

Analysis Generated

Mar 16, 2026 - 03:37 vuln.today

Patch released

Mar 16, 2026 - 03:37 nvd

Patch available

CVE Published

Jul 07, 2025 - 15:15 nvd

HIGH 7.8

DescriptionNVD

GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.

The specific flaw exists within the parsing of H266 sei messages. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27381.

AnalysisAI

GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability.

Technical ContextAI

A buffer overflow occurs when data written to a buffer exceeds its allocated size, potentially overwriting adjacent memory and corrupting program state. This vulnerability is classified as Stack-based Buffer Overflow (CWE-121).

RemediationAI

A vendor patch is available — apply it immediately. Use memory-safe languages or bounds-checked functions. Enable ASLR, DEP/NX, and stack canaries. Apply vendor patches promptly.

More from same product – last 7 days

CVE-2026-9277 HIGH This Week

8.1 May 22

Command injection in the shell-quote npm package allows attackers who can influence object-token inputs to inject arbitr

CVE-2026-9256 HIGH This Week

8.1 May 22

Heap buffer overflow in NGINX Plus and NGINX Open Source ngx_http_rewrite_module allows unauthenticated remote attackers

Vendor StatusVendor

Ubuntu

Priority: Medium

gst-plugins-bad1.0

Release	Status	Version
trusty	needs-triage	-
xenial	needs-triage	-
bionic	needs-triage	-
focal	needs-triage	-
jammy	needs-triage	-
noble	needs-triage	-
upstream	released	1.26.3-1
plucky	ignored	end of life, was needs-triage
oracular	ignored	end of life, was needs-triage
questing	needs-triage	-

Debian

Bug #1108973

gst-plugins-bad1.0

Release	Status	Fixed Version	Urgency
bullseye	not-affected	-	-
bullseye (security)	fixed	1.18.4-3+deb11u5	-
bookworm, bookworm (security)	fixed	1.22.0-4+deb12u6	-
trixie	fixed	1.26.2-3	-
forky, sid	fixed	1.28.1-2	-
experimental	fixed	1.26.3-1	-
bookworm	not-affected	-	-
(unstable)	fixed	1.26.2-3	-

CVE-2025-6663 vulnerability details – vuln.today

Back

Gstreamer CVE-2025-6663

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

More from same product – last 7 days

Vendor StatusVendor

Ubuntu

Debian

Share

External POC / Exploit Code