GStreamer — Vulnerabilities & Security Advisories 65

All 65 CVE vulnerabilities found in GStreamer, with AI-generated Chinese analysis, references, and POCs.

Vendor: n/a

CVE ID	Title	CVSS	Severity	Published
CVE-2026-3084	GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability CWE-191	8.4	-	2026-03-13
CVE-2026-2921	GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability CWE-190	7.8	-	2026-03-13
CVE-2026-3083	GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability CWE-129	9.8	-	2026-03-13
CVE-2026-3086	GStreamer H.266 Codec Parser Out-Of-Bounds Write Remote Code Execution Vulnerability CWE-787	8.4	-	2026-03-13
CVE-2026-3085	GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability CWE-122	9.8	-	2026-03-13
CVE-2026-3082	GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability CWE-122	8.8	-	2026-03-13
CVE-2026-3081	GStreamer H.266 Codec Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability CWE-121	8.4	-	2026-03-13
CVE-2026-2923	GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability CWE-787	8.4	-	2026-03-13
CVE-2026-2922	GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability CWE-787	8.4	-	2026-03-13
CVE-2026-2920	GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability CWE-122	7.8	-	2026-03-13
CVE-2025-6663	GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability CWE-121	9.8	-	2025-07-07
CVE-2025-2759	GStreamer Incorrect Permission Assignment Local Privilege Escalation Vulnerability CWE-732	7.8^AI	High^AI	2025-05-22
CVE-2025-3887	GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability CWE-121	9.8^AI	Critical^AI	2025-05-22
CVE-2024-47834	GHSL-2024-280: Gstreamer Use-After-Free read in Matroska CodecPrivate CWE-416	7.7	-	2024-12-11
CVE-2024-47835	GHSL-2024-263: Gstreamer NULL-pointer dereference in LRC subtitle parser CWE-476	5.5	-	2024-12-11
CVE-2024-47778	GHSL-2024-258: GStreamer has an OOB-read in gst_wavparse_adtl_chunk CWE-125	8.1	-	2024-12-11
CVE-2024-47777	GHSL-2024-259: GStreamer has an OOB-read in gst_wavparse_smpl_chunk CWE-125	5.5	-	2024-12-11
CVE-2024-47776	GHSL-2024-260: GStreamer has a OOB-read in gst_wavparse_cue_chunk CWE-125	7.1	-	2024-12-11
CVE-2024-47775	GHSL-2024-261: GStreamer has an OOB-read in parse_ds64 CWE-125	7.1	-	2024-12-11
CVE-2024-47774	GHSL-2024-262: GStreamer has an OOB-read in gst_avi_subtitle_parse_gab2_chunk CWE-125	7.1	-	2024-12-11
CVE-2024-47613	GHSL-2024-118: GStreamer has a null pointer dereference in gst_gdk_pixbuf_dec_flush CWE-476	7.1	-	2024-12-11
CVE-2024-47615	GHSL-2024-117: GStreamer has an out-of-bounds write in Ogg demuxer CWE-787	7.1	-	2024-12-11
CVE-2024-47607	GHSL-2024-116: Stack-buffer overflow in gst_opus_dec_parse_header CWE-121	7.8	-	2024-12-11
CVE-2024-47606	GHSL-2024-166: GStreamer Integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes CWE-190	8.4	-	2024-12-11
CVE-2024-47603	GHSL-2024-251: GStreamer NULL-pointer dereference in Matroska/WebM demuxer CWE-476	5.5	-	2024-12-11
CVE-2024-47602	GHSL-2024-250: Streamer NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer CWE-476	5.5	-	2024-12-11
CVE-2024-47601	GHSL-2024-249: GStreamer has a NULL-pointer dereference in Matroska/WebM demuxer CWE-476	5.5	-	2024-12-11
CVE-2024-47600	GHSL-2024-248: GStreamer has an OOB-read in format_channel_mask CWE-125	7.1	-	2024-12-11
CVE-2024-47599	GHSL-2024-247: GStreamer Insufficient error handling in JPEG decoder that can lead to NULL-pointer dereferences CWE-476	5.5	-	2024-12-11
CVE-2024-47598	GHSL-2024-246: GStreamer has an OOB-read in qtdemux_merge_sample_table CWE-125	5.5	-	2024-12-11

All 65 known CVE vulnerabilities affecting GStreamer with full Chinese analysis, references, and POCs where available.

Goal Reached Thanks to every supporter — we hit 100%!

GStreamer — Vulnerabilities & Security Advisories 65