SECURITYBLEEPING COMPUTER
FFmpeg fixes PixelSmash flaw in widely used video decoder
FFmpeg addressed a vulnerability named 'PixelSmash' in its video decoder, which could allow remote code execution on Jellyfin servers and trigger denial-of-service conditions in applications like Kodi, Emby, Nextcloud, PhotoPrism, and OBS Studio.
Mentioned
Related Signal
Adjacent reporting
- Gogs patches critical zero-day enabling remote code execution
- Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions
- GitHub fixes RCE flaw that gave access to millions of private repos
- New Veeam vulnerability exposes backup servers to RCE attacks
- Ivanti warns of new EPMM flaw exploited in zero-day attacks