CVE-2025-63757

HIGH

FFmpeg <8.0 - Buffer Overflow

Title source: llm

Integer overflow vulnerability in the yuv2ya16_X_c_template function in libswscale/output.c in FFmpeg 8.0.

CVSS v3 7.5

EPSS 0.0008

EPSS Percentile 24.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

CWE

CWE-190

Status published

Products (1)

ffmpeg/ffmpeg 8

Published Dec 18, 2025

Tracked Since Feb 18, 2026