ffmpeg

489 tracked vulnerabilities.

CVE-2026-40962 MEDIUM
FFmpeg < 8.1 - Integer Overflow and Out-of-Bounds Write via CENC Subsample Data
Apr 16, 2026
CVSS 4.9
EPSS 0.00
CVE-2026-30999 HIGH
FFmpeg < 8.0.1 - Heap-based Buffer Overflow in av_bprint_finalize()
Apr 13, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-30998 HIGH
FFmpeg < 8.0.1 - Denial of Service via Crafted Input File in zmqsend.c
Apr 13, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-30997 HIGH
FFmpeg < 8.0.1 - Denial of Service via read_global_param() Out-of-Bounds Read
Apr 13, 2026
CVSS 7.5
EPSS 0.00
CVE-2025-69693 MEDIUM
FFmpeg 8.0-8.0.1 - Memory Corruption
Mar 16, 2026
CVSS 5.4
EPSS 0.00
CVE-2025-12343 LOW
FFmpeg 6.1-8.1 - Double Free in TensorFlow Backend Error Handling
Feb 18, 2026
CVSS 3.3
EPSS 0.00
CVE-2025-10256 MEDIUM
FFmpeg 3.2-8.0 - Denial of Service via Firequalizer Filter NULL Pointer Dereference
Feb 18, 2026
CVSS 5.3
EPSS 0.00
CVE-2025-63757 HIGH
FFmpeg 8.0 - Integer Overflow in yuv2ya16_X_c_template
Dec 18, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-59734 HIGH
FFmpeg < 8.0 - Use-After-Free in SANM Decoding via Crafted Animation
Oct 06, 2025
EPSS 0.00
CVE-2025-59733 HIGH
FFmpeg < 8.0 - Out-of-bounds Write in OpenEXR DWAA/DWAB Compression Decoding
Oct 06, 2025
EPSS 0.00
CVE-2025-59732 HIGH
FFmpeg < 8.0 - Out-of-bounds Write in OpenEXR DWAA/DWAB Compression Decoder
Oct 06, 2025
EPSS 0.00
CVE-2025-59731 MEDIUM
FFmpeg 7.1.1-8.0 - Out-of-bounds Write in OpenEXR DWAA/DWAB Compression
Oct 06, 2025
EPSS 0.00
CVE-2025-59730 MEDIUM
FFmpeg >=829680f96a7a7ff02d1543895ec0fb713309d5c0 <8.0 - Heap-Based Buffer Overflow in SANM Frame Decoding
Oct 06, 2025
EPSS 0.00
CVE-2025-59729 MEDIUM
FFmpeg >=a218cafe4d3be005ab0c61130f90db4d21afb5db <8.0 - Out-of-bounds Write in DHAV Header Parser
Oct 06, 2025
EPSS 0.00
CVE-2025-59728 HIGH
FFmpeg MPEG-DASH - Out-of-bounds Write via xmlNodeGetContent Buffer Handling
Oct 06, 2025
EPSS 0.00
CVE-2025-9951 HIGH
FFmpeg < 8.0 - Heap-based Buffer Overflow via JPEG2000 Channel Definition Atom
Sep 09, 2025
EPSS 0.01
CVE-2025-1594 MEDIUM
FFmpeg < 7.1 - Stack-based Buffer Overflow in AAC Encoder
Feb 23, 2025
CVSS 6.3
EPSS 0.00
CVE-2025-25469 MEDIUM
FFmpeg < 2025-01-13 - Memory Leak in libavutil/iamf.c
Feb 18, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-25468 MEDIUM
FFmpeg < 2025-01-13 - Memory Leak in libavutil/mem.c
Feb 18, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-22921 MEDIUM
FFmpeg N-113007-g8d24a28d06 - NULL Pointer Dereference in JPEG2000 Decoder
Feb 18, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-1373 LOW
FFmpeg < 7.1 - Null Pointer Dereference in MOV Parser
Feb 17, 2025
CVSS 3.3
EPSS 0.00
CVE-2025-0518 MEDIUM
FFmpeg 7.1 - Read Sensitive Constants Within an Executable
Jan 16, 2025
CVSS 5.3
EPSS 0.00
CVE-2024-55069 MEDIUM
ffmpeg 7.1 - Null Pointer Dereference in iamf_read_header
May 02, 2025
CVSS 5.3
EPSS 0.00
CVE-2024-36613 MEDIUM
FFmpeg n6.1.1 - Integer Overflow in DXA Demuxer
Jan 03, 2025
CVSS 6.2
EPSS 0.00
CVE-2024-35365 HIGH
FFmpeg n6.1.1 - Double Free in new_stream_audio Function
Jan 03, 2025
CVSS 8.8
EPSS 0.00
Products
ffmpeg 480 FFmpeg 8 MPEG-DASH 1 lavf_demuxer 1 libavcodec 1 libswresample 1
Quick Filters
Critical CVEs With Exploits In CISA KEV