- CVE: CVE-2026-8461
- CVSS: 8.8 (High · CVSSv3)
- Product: FFmpeg
- Affected: < 8.1.2
- Impact: Heap out-of-bounds write via odd slice_height in FFmpeg MagicYUV decoder
- Status: No confirmed exploitation yet
- Patched in: 8.1.2
- EPSS: 0.4% (30-day)
- Action: Update to 8.1.2 now
TL;DR
JFrog researchers discovered a critical heap out-of-bounds write in the FFmpeg MagicYUV decoder. The flaw is tracked as CVE-2026-8461 and has a CVSS score of 8.8. This FFmpeg MagicYUV vulnerability allows attackers to execute arbitrary code by supplying a crafted video file. Administrators must patch immediately to prevent zero-click server compromises.
Why it matters
FFmpeg processes media for hundreds of applications worldwide. The software acts as a foundational dependency for desktop players, media servers, and cloud pipelines. A single malicious file can compromise systems like Jellyfin or Nextcloud without user interaction. The researchers demonstrated this danger using a tiny 50 KB AVI file. This supply chain flaw places millions of user endpoints and servers at risk. The report notes, “The out-of-bounds write is enough to crash any application that uses FFmpeg.” Consequently, silent heap corruption can occur even if the application does not crash visibly.
How the attack works
The issue originates from a rounding mismatch within the MagicYUV decoder. It fails to calculate chroma plane heights correctly when processing subsampled pixel formats. An odd slice height value forces the decoder to write past the allocated buffer. This action deposits attacker-controlled bytes into the adjacent memory space. Attackers use this to overwrite the adjacent AVBuffer structure. Specifically, they hijack the AVBuffer free function pointer. They redirect this pointer to execute arbitrary shell commands. Finally, the host system runs the attacker’s payload during routine memory cleanup.
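To make the rounding argument concrete, here is an added illustration in shell arithmetic. It is not FFmpeg's code and not JFrog's patch: it assumes a simplified model in which the chroma plane of a 4:2:0 frame is allocated by rounding the whole frame height up once, while a per-slice decode path rounds each slice height up on its own. The 10-row frame and 3-row slices are constructed values, and the validation function at the end is written in the spirit of the slice-height check the advisory describes.

```shell
#!/bin/sh
# Added illustration, not FFmpeg's code and not JFrog's patch: a simplified
# model of how a rounding mismatch on an odd slice height overruns a
# vertically subsampled chroma plane. Assumed model: the plane is allocated by
# rounding the whole frame height up once, while a per-slice decode path
# rounds each slice's height up on its own.

# ceil(rows / 2^shift_v): chroma rows for 'rows' luma rows at vertical
# subsampling 2^shift_v (same idea as FFmpeg's AV_CEIL_RSHIFT macro).
chroma_rows() {
    echo $(( ($1 + (1 << $2) - 1) >> $2 ))
}

# Chroma rows a per-slice decoder writes for frame height $1, slice height $2,
# subsampling shift $3, when each slice is rounded up independently.
rows_written() {
    remaining=$1; slice=$2; shift_v=$3
    total=0
    while [ "$remaining" -gt 0 ]; do
        cur=$slice
        if [ "$cur" -gt "$remaining" ]; then cur=$remaining; fi
        total=$(( total + $(chroma_rows "$cur" "$shift_v") ))
        remaining=$(( remaining - cur ))
    done
    echo "$total"
}

# Rows written beyond the allocated plane; positive means an out-of-bounds write.
overrun_rows() {
    echo $(( $(rows_written "$1" "$2" "$3") - $(chroma_rows "$1" "$3") ))
}

# Validation in the spirit of the fix the advisory describes: accept (return 0)
# only a positive slice height that is a multiple of the vertical subsampling
# factor, so per-slice and whole-plane rounding can never disagree.
validate_slice_height() {
    factor=$(( 1 << $2 ))
    if [ "$1" -le 0 ]; then return 1; fi
    if [ $(( $1 % factor )) -ne 0 ]; then return 1; fi
    return 0
}

# Constructed example: a 10-row 4:2:0 frame (shift 1) decoded in 3-row slices.
echo "allocated chroma rows:  $(chroma_rows 10 1)"     # 5
echo "rows written (slice 3): $(rows_written 10 3 1)"  # 7
echo "overrun rows (slice 3): $(overrun_rows 10 3 1)"  # 2
echo "overrun rows (slice 4): $(overrun_rows 10 4 1)"  # 0
if validate_slice_height 3 1; then
    echo "slice height 3 accepted"
else
    echo "slice height 3 rejected"
fi
```

With an even slice height every slice contributes exactly half its rows and the totals agree; with an odd one each slice rounds up separately, so the sum of the slices exceeds the single rounded-up allocation and the last rows land past the end of the plane. Rejecting the odd value up front, as the validation function does, is what prevents the decoder from ever reaching that write.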
Affected versions
This vulnerability impacts all upstream FFmpeg builds prior to version 8.1.2. The MagicYUV decoder ships enabled by default across major Linux distributions. Downstream applications inherit this flaw silently. Affected platforms include Jellyfin, Emby, Nextcloud, GNOME thumbnailers, and AI frameworks like vLLM. Researchers estimate hundreds of software projects rely on this vulnerable component. Currently, researchers have built a public proof-of-concept exploit for Jellyfin and Nextcloud. However, no sources confirm active exploitation in the wild.
Patch or mitigation steps
Users and administrators must upgrade FFmpeg to version 8.1.2 or later. If immediate upgrades are impossible, developers can recompile FFmpeg from source. You should use the `--disable-decoder=magicyuv` flag during the build process to remove the threat entirely. JFrog also provides a minimal seven-line code patch to validate slice heights and block malicious files. You can read the full technical details and obtain the patch at the JFrog Security Research blog. Network defenders should monitor media library directories for unauthorized executable files.
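The following shell script is an added example, not JFrog's tooling and not part of FFmpeg. It turns the steps above into host checks: compare the installed version against 8.1.2, see whether the magicyuv decoder is compiled into the binary, and list files with an execute bit under a media directory. The 8.1.2 threshold comes from this advisory; the banner and decoder-list samples are constructed, and the output formats parsed (`ffmpeg -version`, `ffmpeg -decoders`) are assumed to be FFmpeg's standard ones.

```shell
#!/bin/sh
# Added example, not from JFrog or the FFmpeg project: host inventory checks
# for CVE-2026-8461. Functions take their input as arguments so they can be
# run against captured output; the last section runs them against a real
# ffmpeg binary if one is on PATH.

FIXED_VERSION=8.1.2   # patched release named in the advisory

# Strip packaging decorations: "n8.1.1-1ubuntu1" -> "8.1.1".
normalize_version() {
    printf '%s\n' "$1" | sed 's/^n//; s/[-~_+].*$//'
}

# First line of `ffmpeg -version` is "ffmpeg version X ..."; print X.
version_from_banner() {
    printf '%s\n' "$1" | sed -n '1s/^ffmpeg version \([^ ]*\).*$/\1/p'
}

# Return 0 if dotted version $1 is older than $2 (compares three components).
version_lt() {
    a="$1.0.0"; b="$2.0.0"   # pad so every version has at least three fields
    i=1
    while [ "$i" -le 3 ]; do
        x=$(printf '%s\n' "$a" | cut -d. -f"$i")
        y=$(printf '%s\n' "$b" | cut -d. -f"$i")
        if [ "$x" -lt "$y" ]; then return 0; fi
        if [ "$x" -gt "$y" ]; then return 1; fi
        i=$((i + 1))
    done
    return 1
}

# Verdict for a raw version string: prints vulnerable, fixed or unknown
# (unknown, with status 2, for git snapshots such as "N-112345-g...").
assess_version() {
    v=$(normalize_version "$1")
    case "$v" in
        ''|*[!0-9.]*) echo unknown; return 2 ;;
    esac
    if version_lt "$v" "$FIXED_VERSION"; then echo vulnerable; else echo fixed; fi
}

# Return 0 if the text in $1 (output of `ffmpeg -decoders`) lists magicyuv.
decoder_listed() {
    printf '%s\n' "$1" | grep -qw magicyuv
}

# Regular files with an owner execute bit under media directory $1: none are
# expected in a library of video files, so any hit deserves a look.
executables_in() {
    find "$1" -type f -perm -u+x
}

# Constructed samples (not real ffmpeg output) so the checks run offline.
SAMPLE_BANNER='ffmpeg version 8.1.1 Copyright (c) 2000-2026 the FFmpeg developers'
SAMPLE_DECODERS=' V....D magicyuv             MagicYUV video
 V....D mjpeg                MJPEG (Motion JPEG)'
echo "sample banner   -> $(assess_version "$(version_from_banner "$SAMPLE_BANNER")")"   # vulnerable
if decoder_listed "$SAMPLE_DECODERS"; then echo "sample decoders -> magicyuv present"; fi

# Live check against the host's binary, if any.
if command -v ffmpeg >/dev/null 2>&1; then
    banner=$(ffmpeg -version 2>/dev/null || true)
    v=$(version_from_banner "$banner")
    echo "installed ffmpeg $v: $(assess_version "$v")"
    if decoder_listed "$(ffmpeg -hide_banner -decoders 2>/dev/null || true)"; then
        echo "magicyuv decoder is compiled in; rebuild with --disable-decoder=magicyuv if you cannot upgrade"
    else
        echo "magicyuv decoder not compiled in"
    fi
else
    echo "ffmpeg not on PATH; live check skipped"
fi
```

Run `executables_in /path/to/media` from cron or a monitoring job and alert on any output; a media library should contain no executable files at all, so the check needs no allowlist. Note that the version check only covers the ffmpeg binary on PATH: applications that bundle their own libavcodec (the Jellyfin, Emby and Nextcloud cases the advisory names) must be inventoried separately.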