FFmpeg 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
過去の問題は主に バッファオーバーフロー and vendor risk memory corruption などに関し、一部は vendor impact unexpected behavior を招き、vendor surface software deployment and vendor surface production workloads 関連の場面に影響します。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2026-40962 | FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c. | [email protected] | 4.9 | 0.00% | 2026-04-16 | 2026-04-20 |
| CVE-2026-30999 | A heap buffer overflow in the av_bprint_finalize() function of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input. | [email protected] | 7.5 | 0.05% | 2026-04-13 | 2026-04-23 |
| CVE-2026-30998 | An improper resource deallocation and closure vulnerability in the tools/zmqsend.c component of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via supplying a crafted input file. | [email protected] | 7.5 | 0.05% | 2026-04-13 | 2026-04-23 |
| CVE-2026-30997 | An out-of-bounds read in the read_global_param() function (libavcodec/av1dec.c) of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input. | [email protected] | 7.5 | 0.05% | 2026-04-13 | 2026-04-23 |
| CVE-2025-69693 | Out-of-bounds read in FFmpeg 8.0 and 8.0.1 RV60 video decoder (libavcodec/rv60dec.c). The quantization parameter (qp) validation at line 2267 only checks the lower bound (qp < 0) but is missing upper bound validation. The qp value can reach 65 (base value 63 from 6-bit frame header + offset +2 from read_qp_offset) while the rv60_qp_to_idx array has size 64 (valid indices 0-63). This results in out-of-bounds array access at lines 1554 (decode_cbp8), 1655 (decode_cbp16), and 1419/1421 (get_c4x4_se | [email protected] | 5.4 | 0.01% | 2026-03-16 | 2026-03-19 |
| CVE-2025-12343 | A flaw was found in FFmpeg’s TensorFlow backend within the libavfilter/dnn_backend_tf.c source file. The issue occurs in the dnn_execute_model_tf() function, where a task object is freed multiple times in certain error-handling paths. This redundant memory deallocation can lead to a double-free condition, potentially causing FFmpeg or any application using it to crash when processing TensorFlow-based DNN models. This results in a denial-of-service scenario but does not allow arbitrary code execu | [email protected] | 3.3 | 0.01% | 2026-02-18 | 2026-02-26 |
| CVE-2025-10256 | A NULL pointer dereference vulnerability exists in FFmpeg’s Firequalizer filter (libavfilter/af_firequalizer.c) due to a missing check on the return value of av_malloc_array() in the config_input() function. An attacker could exploit this by tricking a victim into processing a crafted media file with the Firequalizer filter enabled, causing the application to dereference a NULL pointer and crash, leading to denial of service. | [email protected] | 5.3 | 0.03% | 2026-02-18 | 2026-02-26 |
| CVE-2025-63757 | Integer overflow vulnerability in the yuv2ya16_X_c_template function in libswscale/output.c in FFmpeg 8.0. | [email protected] | 7.5 | 0.07% | 2025-12-18 | 2025-12-30 |
| CVE-2024-55069 | ffmpeg 7.1 is vulnerable to Null Pointer Dereference in function iamf_read_header in /libavformat/iamfdec.c. | [email protected] | 5.3 | 0.30% | 2025-05-02 | 2025-06-03 |
| CVE-2025-1594 | A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 5.3 | 0.12% | 2025-02-23 | 2025-06-03 |
| CVE-2025-25469 | FFmpeg git-master before commit d5873b was discovered to contain a memory leak in the component libavutil/iamf.c. | [email protected] | 6.5 | 0.06% | 2025-02-18 | 2026-01-29 |
| CVE-2025-25468 | FFmpeg git-master before commit d5873b was discovered to contain a memory leak in the component libavutil/mem.c. | [email protected] | 6.5 | 0.25% | 2025-02-18 | 2026-01-29 |
| CVE-2025-22921 | FFmpeg git-master,N-113007-g8d24a28d06 was discovered to contain a segmentation violation via the component /libavcodec/jpeg2000dec.c. | [email protected] | 6.5 | 0.15% | 2025-02-18 | 2026-01-12 |
| CVE-2025-1373 | A vulnerability was found in FFmpeg up to 7.1. It has been rated as problematic. Affected by this issue is the function mov_read_trak of the file libavformat/mov.c of the component MOV Parser. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The patch is identified as 43be8d07281caca2e88bfd8ee2333633e1fb1a13. It is recommended to apply a patch to fix this issue. | [email protected] | 4.8 | 0.03% | 2025-02-17 | 2025-06-03 |
| CVE-2025-0518 | Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows Read Sensitive Constants Within an Executable. This vulnerability is associated with program files https://github.Com/FFmpeg/FFmpeg/blob/master/libavfilter/af_pan.C . This issue affects FFmpeg: 7.1. Issue was fixed: https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a This issue was discovered by: Simcha Kosma | 96148269-fe82-4198-b1bf-3a73ce8bc92e | 4.8 | 0.12% | 2025-01-16 | 2025-11-03 |
| CVE-2023-6605 | A flaw was found in FFmpeg's DASH playlist support. This vulnerability allows arbitrary HTTP GET requests to be made on behalf of the machine running FFmpeg via a crafted DASH playlist containing malicious URLs. | [email protected] | 7.2 | 0.09% | 2025-01-06 | 2025-11-03 |
| CVE-2023-6604 | A flaw was found in FFmpeg. This vulnerability allows unexpected additional CPU load and storage consumption, potentially leading to degraded performance or denial of service via the demuxing of arbitrary data as XBIN-formatted data without proper format validation. | [email protected] | 5.3 | 0.08% | 2025-01-06 | 2025-11-03 |
| CVE-2023-6601 | A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file extension checks and triggering arbitrary demuxers via base64-encoded data URIs appended with specific file extensions. | [email protected] | 4.7 | 0.04% | 2025-01-06 | 2025-11-03 |
| CVE-2024-36613 | FFmpeg n6.1.1 has a vulnerability in the DXA demuxer of the libavformat library allowing for an integer overflow, potentially resulting in a denial-of-service (DoS) condition or other undefined behavior. | [email protected] | 6.2 | 0.04% | 2025-01-03 | 2025-06-03 |
| CVE-2024-35365 | FFmpeg version n6.1.1 has a double-free vulnerability in the fftools/ffmpeg_mux_init.c component of FFmpeg, specifically within the new_stream_audio function. | [email protected] | 8.8 | 0.31% | 2025-01-03 | 2025-06-03 |