What is CVE-2026-8461?

CVE-2026-8461 is a high-severity vulnerability in Ffmpeg, classified under Out-of-bounds Write. CVSS score: 8.8/10. Published 2026-06-18.

How severe is CVE-2026-8461?

High severity. CVSS v3 base score is 8.8 out of 10.

Buffer overflow in Ffmpeg

CVE-2026-8461

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the…

Vulnerability class: Buffer Overflow

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.

Affected products

Ffmpeg — versions 0

Weakness classification (CWE)

CWE-787 — Out-of-bounds Write

References

reefs@jfrog.com

Frequently asked questions

What is CVE-2026-8461?: CVE-2026-8461 is a high-severity vulnerability in Ffmpeg, classified under Out-of-bounds Write. CVSS score: 8.8/10. Published 2026-06-18.
How severe is CVE-2026-8461?: High severity. CVSS v3 base score is 8.8 out of 10.