FFmpeg, Nextcloud, Kodi, Immich and OBS Studio: Critical FFmpeg Vulnerability Enables Weaponized Media File Attacks


Critical FFmpeg Vulnerability (CVE-2026-8461) Enables Remote Code Execution via Malicious Media Files

JFrog Security Research has uncovered a high-severity heap overflow vulnerability in FFmpeg’s MagicYUV decoder, tracked as CVE-2026-8461 (CVSS 8.8), which allows attackers to execute arbitrary code remotely by delivering a single crafted media file, with no authentication required.

The flaw, dubbed PixelSmash, resides in FFmpeg’s libavcodec and stems from a rounding mismatch in how the frame allocator and MagicYUV decoder calculate chroma plane heights for subsampled pixel formats like YUV420P. By manipulating a slice_height value in a malicious bitstream, attackers can trigger out-of-bounds heap writes, overwriting critical memory structures. Specifically, the exploit targets FFmpeg’s AVBuffer struct, replacing a function pointer (buf->free) with the address of system() and injecting a shell command via buf->opaque, turning frame cleanup into an arbitrary command execution vector.

JFrog demonstrated full remote code execution (RCE) on two platforms using a 50 KB crafted AVI file:

  • Jellyfin 10.11.9: Automatically triggered when a malicious file is placed in a monitored library folder, exploiting the media scan pipeline.
  • Nextcloud: Executes commands as www-data when a user browses the Files view, leveraging the Movie preview provider.

A particularly high-risk attack vector is the torrent-to-media-library pipeline, where Jellyfin users configure torrent clients to download directly into monitored folders. The exploit requires no user interaction beyond the initial download, as FFmpeg’s real-time filesystem monitor automatically processes the file.

As FFmpeg is the most widely deployed media processing framework, the impact is vast. The MagicYUV decoder is enabled by default in upstream FFmpeg builds and major Linux distributions, including Ubuntu, Debian, Fedora, Arch, and Alpine. Confirmed affected applications include:

  • Media players: mpv, Kodi, OBS Studio
  • File managers: GNOME, KDE, XFCE (via ffmpegthumbnailer)
  • Media servers: Jellyfin, Emby, Nextcloud, Immich, PhotoPrism
  • AI/ML pipelines: vLLM (crashed in all tested instances)

The exploit works across AVI, MKV, and MOV containers. Only Plex remains unaffected due to its use of a minimal FFmpeg build with --disable-decoders and a strict codec allow-list.

Mitigation requires upgrading to FFmpeg 9.0 or later. For systems unable to update immediately, workarounds include:

  • Rebuilding FFmpeg with --disable-decoder=magicyuv
  • Applying a 7-line patch to libavcodec/magicyuv.c that enforces slice_height validation
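The rounding mismatch described above, and the kind of bound the slice_height validation in the fix is meant to enforce, as an added illustration. This is not JFrog's proof of concept and not FFmpeg's own code: the per-slice arithmetic is an assumed model of the mismatch, not the actual magicyuv.c logic, and the check is written from the defender's side (what a decoder must verify before writing a chroma plane).

```c
#include <stdbool.h>
#include <stdio.h>

/* ceil(a / 2^shift), the rounding libavutil's AV_CEIL_RSHIFT performs
 * when the frame allocator sizes subsampled planes. */
static int ceil_rshift(int a, int shift) {
    return (a + (1 << shift) - 1) >> shift;
}

/* Rows the frame allocator reserves for a chroma plane of a frame with
 * `height` luma rows and vertical subsampling 2^log2_chroma_h
 * (YUV420P: log2_chroma_h = 1). */
int allocated_chroma_rows(int height, int log2_chroma_h) {
    return ceil_rshift(height, log2_chroma_h);
}

/* Chroma rows a slice-based decoder would write if it rounded each slice's
 * share up independently. Assumed model for this example, not the real
 * magicyuv.c arithmetic. Slices are `slice_height` luma rows each; the last
 * slice is shorter when height is not a multiple of slice_height. */
int per_slice_chroma_rows(int height, int slice_height, int log2_chroma_h) {
    int total = 0;
    for (int y = 0; y < height; y += slice_height) {
        int rows = (height - y < slice_height) ? height - y : slice_height;
        total += ceil_rshift(rows, log2_chroma_h);
    }
    return total;
}

/* Defensive check: reject a bitstream slice_height that is out of range or
 * whose per-slice chroma rows would exceed what the allocator reserved.
 * Any decoder writing planes slice by slice needs an equivalent bound. */
bool slice_height_is_safe(int height, int slice_height, int log2_chroma_h) {
    if (slice_height <= 0 || slice_height > height)
        return false;
    return per_slice_chroma_rows(height, slice_height, log2_chroma_h)
           <= allocated_chroma_rows(height, log2_chroma_h);
}

int main(void) {
    /* Constructed case: 10-row YUV420P frame, odd slice height of 3. */
    int h = 10, sh = 3, sub = 1;
    printf("allocated=%d written=%d safe=%d\n",
           allocated_chroma_rows(h, sub), per_slice_chroma_rows(h, sh, sub),
           slice_height_is_safe(h, sh, sub));
    return 0;
}
```

With slice_height 3 the per-slice sum is 7 rows against 5 allocated, so the check rejects it; slice heights that are multiples of the subsampling factor (2, 4, 10) sum to exactly the allocated 5 and pass.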

The FFmpeg and Jellyfin security teams have acknowledged the disclosure and released fixes. Exposure can be checked by running:

ffmpeg -decoders 2>/dev/null | grep magicyuv

A vulnerable system will return VFS..D magicyuv.

Source: https://cyberpress.org/critical-ffmpeg-vulnerability/

FFmpeg TPRM report: https://www.rankiteo.com/company/ffmpeg

Nextcloud TPRM report: https://www.rankiteo.com/company/nextcloud-gmbh

Kodi TPRM report: https://www.rankiteo.com/company/kodi

Immich TPRM report: https://www.rankiteo.com/company/pixelunioneu

OBS Studio TPRM report: https://www.rankiteo.com/company/impact-observatory

"id": "kodffmimpnexpix1782211302",
"linkid": "kodi, ffmpeg, impact-observatory, nextcloud-gmbh, pixelunioneu",
"type": "Vulnerability",
"date": "6/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'Media/Entertainment',
                        'name': 'Jellyfin',
                        'type': 'Media server'},
                       {'industry': 'Cloud Storage',
                        'name': 'Nextcloud',
                        'type': 'File hosting service'},
                       {'industry': 'Software',
                        'name': 'mpv',
                        'type': 'Media player'},
                       {'industry': 'Software',
                        'name': 'Kodi',
                        'type': 'Media player'},
                       {'industry': 'Software',
                        'name': 'OBS Studio',
                        'type': 'Broadcasting software'},
                       {'industry': 'Software',
                        'name': 'GNOME',
                        'type': 'File manager'},
                       {'industry': 'Software',
                        'name': 'KDE',
                        'type': 'File manager'},
                       {'industry': 'Software',
                        'name': 'XFCE',
                        'type': 'File manager'},
                       {'industry': 'Media/Entertainment',
                        'name': 'Emby',
                        'type': 'Media server'},
                       {'industry': 'Media/Entertainment',
                        'name': 'Immich',
                        'type': 'Media server'},
                       {'industry': 'Media/Entertainment',
                        'name': 'PhotoPrism',
                        'type': 'Media server'},
                       {'industry': 'Artificial Intelligence',
                        'name': 'vLLM',
                        'type': 'AI/ML pipeline'},
                       {'industry': 'Operating Systems',
                        'name': 'Ubuntu',
                        'type': 'Linux distribution'},
                       {'industry': 'Operating Systems',
                        'name': 'Debian',
                        'type': 'Linux distribution'},
                       {'industry': 'Operating Systems',
                        'name': 'Fedora',
                        'type': 'Linux distribution'},
                       {'industry': 'Operating Systems',
                        'name': 'Arch',
                        'type': 'Linux distribution'},
                       {'industry': 'Operating Systems',
                        'name': 'Alpine',
                        'type': 'Linux distribution'}],
 'attack_vector': 'Malicious media file (AVI, MKV, MOV)',
 'description': 'JFrog Security Research uncovered a high-severity heap '
                'overflow vulnerability in FFmpeg’s MagicYUV decoder '
                '(CVE-2026-8461, CVSS 8.8) that allows remote code execution '
                'via a crafted media file. The flaw, dubbed PixelSmash, stems '
                'from a rounding mismatch in frame allocation and MagicYUV '
                'decoder calculations for subsampled pixel formats like '
                'YUV420P. Attackers can trigger out-of-bounds heap writes by '
                'manipulating a `slice_height` value, overwriting critical '
                'memory structures to execute arbitrary commands. Demonstrated '
                'RCE on Jellyfin and Nextcloud via malicious AVI files, with '
                'no user interaction required beyond file download or '
                'browsing.',
 'impact': {'brand_reputation_impact': 'Potential reputational damage for '
                                       'affected vendors',
            'operational_impact': 'Arbitrary code execution on affected '
                                  'systems',
            'systems_affected': 'Widespread (FFmpeg-based applications)'},
 'investigation_status': 'Acknowledged and patched by FFmpeg and Jellyfin '
                         'security teams',
 'post_incident_analysis': {'corrective_actions': 'Fixed in FFmpeg 9.0; '
                                                  'validation of '
                                                  '`slice_height` values '
                                                  'enforced in '
                                                  '`libavcodec/magicyuv.c`',
                            'root_causes': 'Rounding mismatch in FFmpeg’s '
                                           'MagicYUV decoder frame allocation '
                                           'for subsampled pixel formats '
                                           '(YUV420P), leading to heap '
                                           'overflow via manipulated '
                                           '`slice_height` values'},
 'recommendations': ['Upgrade FFmpeg to version 9.0 or later',
                     'Disable MagicYUV decoder if immediate upgrade is not '
                     'possible',
                     'Apply provided patch to `libavcodec/magicyuv.c`',
                     'Check for vulnerability using `ffmpeg -decoders '
                     '2>/dev/null | grep magicyuv`'],
 'references': [{'source': 'JFrog Security Research'}],
 'response': {'containment_measures': ['Upgrade to FFmpeg 9.0 or later',
                                       'Rebuild FFmpeg with '
                                       '`--disable-decoder=magicyuv`',
                                       'Apply 7-line patch to '
                                       '`libavcodec/magicyuv.c`'],
              'remediation_measures': 'FFmpeg and Jellyfin security teams '
                                      'released fixes',
              'third_party_assistance': 'JFrog Security Research'},
 'title': 'Critical FFmpeg Vulnerability (CVE-2026-8461) Enables Remote Code '
          'Execution via Malicious Media Files',
 'type': 'Remote Code Execution (RCE)',
 'vulnerability_exploited': 'Heap overflow in FFmpeg’s MagicYUV decoder '
                            '(CVE-2026-8461)'}