libgme

libgme is an audio processing library used for video game music emulation and playback. This high-severity vulnerability (CVSS 7.8) requires local access and user interaction to exploit, but once triggered grants an attacker full confidentiality, integrity, and authentication compromise without requiring special privileges. Security teams should monitor for patched versions of libgme once the vendor deadline passes in July 2026, as this vulnerability could be exploited through specially crafted audio files opened by unsuspecting users.