Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
MediaArea MediaInfoLib LXF parsing heap-based buffer overflow vulnerability
AnalysisAI
Heap-based buffer overflow in MediaArea MediaInfoLib's LXF (Leitch eXchange Format) parser allows attackers to achieve arbitrary code execution when a victim opens a maliciously crafted LXF media file. The flaw affects MediaInfoLib 26.01 and was reported by Cisco Talos (TALOS-2026-2367); no public exploit identified at time of analysis, and EPSS exploitation probability is very low at 0.01%.
Technical ContextAI
MediaInfoLib is a widely used open-source library from MediaArea that extracts technical and tag metadata from audio and video files, embedded in tools such as MediaInfo CLI/GUI, and consumed by media-processing pipelines, archival systems, and content-management platforms. The vulnerability resides in the parser for LXF (Leitch eXchange Format), a broadcast container format historically used by Harmonic/Leitch playout systems. The root-cause CWE-191 (Integer Underflow) - paired with the reported buffer overflow and integer overflow tags - indicates that a malformed length or size field in an LXF stream wraps around during arithmetic, producing an undersized heap allocation or oversized copy that overruns an adjacent heap chunk during subsequent parsing, corrupting heap metadata and adjacent objects.
RemediationAI
No vendor-released patch identified at time of analysis; monitor the MediaArea project (https://mediaarea.net) and the Talos advisory at https://talosintelligence.com/vulnerability_reports/TALOS-2026-2367 for a fixed version superseding 26.01, then upgrade all embedded copies of MediaInfoLib across CLI, GUI, and downstream integrations. As compensating controls until a patch is released, configure media-ingest pipelines to reject files with the LXF extension or LXF magic bytes at the gateway, which removes the attack surface entirely but blocks legitimate Leitch broadcast workflows; alternatively, run MediaInfo parsing inside a sandboxed or containerized worker with no network egress and minimal filesystem access, which contains successful exploitation at the cost of added operational complexity. End users should avoid opening LXF files from untrusted sources and disable any shell-integration previewers that auto-invoke MediaInfo on file selection.
More in Mediainfolib
View allHeap buffer overflow in MediaArea MediaInfoLib's ID3v2 metadata parser allows local attackers to achieve arbitrary code
Heap-based buffer overflow in MediaArea MediaInfoLib's LXF (Leitch eXchange Format) element parser allows attackers to a
Heap-based buffer overflow in MediaArea MediaInfoLib's Channel Splitting parser allows attackers to corrupt heap memory
Same weakness CWE-191 – Integer Underflow
View allSame technique Integer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-31808
GHSA-fmqg-j5qj-j8f6