CVE-2026-8461

Severity CVSS v4.0:
Pending analysis
Type:
CWE-787 Out-of-bounds Write
Publication date:
18/06/2026
Last modified:
15/07/2026

Description

An out-of-bounds write vulnerability in FFmpeg&amp;#39;s libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution.<br /> <br /> This vulnerability is associated with the file libavcodec/magicyuv.C.<br /> <br /> <br /> <br /> This issue affects FFmpeg before version 8.1.2.