Skip to main content

Mediainfolib

4 CVEs product

Monthly

CVE-2026-25104 HIGH This Week

Heap-based buffer overflow in MediaArea MediaInfoLib's LXF (Leitch eXchange Format) parser allows attackers to achieve arbitrary code execution when a victim opens a maliciously crafted LXF media file. The flaw affects MediaInfoLib 26.01 and was reported by Cisco Talos (TALOS-2026-2367); no public exploit identified at time of analysis, and EPSS exploitation probability is very low at 0.01%.

Integer Overflow Buffer Overflow Mediainfolib
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-25713 HIGH This Week

Heap buffer overflow in MediaArea MediaInfoLib's ID3v2 metadata parser allows local attackers to achieve arbitrary code execution when a victim opens a crafted media file. The flaw affects MediaInfoLib 26.01 and requires user interaction to trigger, with no public exploit identified at time of analysis. While CVSS rates it 7.8 (High), the very low EPSS score (0.01%) and SSVC 'Exploitation: none' signal suggest no widespread targeting is occurring.

Heap Overflow Buffer Overflow Mediainfolib
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-28764 HIGH This Week

Heap-based buffer overflow in MediaArea MediaInfoLib's LXF (Leitch eXchange Format) element parser allows attackers to achieve arbitrary code execution when a victim opens a maliciously crafted LXF media file. The flaw, disclosed by Cisco Talos as TALOS-2026-2371 and assigned CWE-823, requires user interaction and local file access but no privileges, and at the time of analysis there is no public exploit identified and the issue is not listed in CISA KEV.

Memory Corruption Buffer Overflow Mediainfolib
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-22554 HIGH This Week

Heap-based buffer overflow in MediaArea MediaInfoLib's Channel Splitting parser allows attackers to corrupt heap memory and potentially execute arbitrary code when a victim opens a maliciously crafted media file. The CVSS 7.8 vector (AV:L/UI:R) indicates local attack with required user interaction, and no public exploit identified at time of analysis. The flaw was reported by Cisco Talos and disclosed in TALOS-2026-2374.

Buffer Overflow Heap Overflow Mediainfolib
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
EPSS 0% CVSS 7.8
HIGH This Week

Heap-based buffer overflow in MediaArea MediaInfoLib's LXF (Leitch eXchange Format) parser allows attackers to achieve arbitrary code execution when a victim opens a maliciously crafted LXF media file. The flaw affects MediaInfoLib 26.01 and was reported by Cisco Talos (TALOS-2026-2367); no public exploit identified at time of analysis, and EPSS exploitation probability is very low at 0.01%.

Integer Overflow Buffer Overflow Mediainfolib
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Heap buffer overflow in MediaArea MediaInfoLib's ID3v2 metadata parser allows local attackers to achieve arbitrary code execution when a victim opens a crafted media file. The flaw affects MediaInfoLib 26.01 and requires user interaction to trigger, with no public exploit identified at time of analysis. While CVSS rates it 7.8 (High), the very low EPSS score (0.01%) and SSVC 'Exploitation: none' signal suggest no widespread targeting is occurring.

Heap Overflow Buffer Overflow Mediainfolib
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Heap-based buffer overflow in MediaArea MediaInfoLib's LXF (Leitch eXchange Format) element parser allows attackers to achieve arbitrary code execution when a victim opens a maliciously crafted LXF media file. The flaw, disclosed by Cisco Talos as TALOS-2026-2371 and assigned CWE-823, requires user interaction and local file access but no privileges, and at the time of analysis there is no public exploit identified and the issue is not listed in CISA KEV.

Memory Corruption Buffer Overflow Mediainfolib
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Heap-based buffer overflow in MediaArea MediaInfoLib's Channel Splitting parser allows attackers to corrupt heap memory and potentially execute arbitrary code when a victim opens a maliciously crafted media file. The CVSS 7.8 vector (AV:L/UI:R) indicates local attack with required user interaction, and no public exploit identified at time of analysis. The flaw was reported by Cisco Talos and disclosed in TALOS-2026-2374.

Buffer Overflow Heap Overflow Mediainfolib
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy