CVE-2026-3084

Name of the Vulnerable Software and Affected Versions GStreamer (affected versions not specified)

Description This issue allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with the library is required for exploitation, and attack vectors may vary. The flaw resides within the parsing of picture partitions due to insufficient validation of user-supplied data, leading to an integer underflow before writing to memory. An attacker can exploit this to execute code within the current process.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.