CVE Field Guide
About Us
CVE-2026-25104
PUBLISHED
Assigner:
talos
Reserved:
06.02.2026
Published:
26.05.2026
Updated:
26.05.2026
MediaArea MediaInfoLib LXF parsing heap-based buffer overflow vulnerability
Metrics
CVSS 3.1
CVSS Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS Score:
7.8
CVSS score
7.8
Attack Vector
Local
Scope
Unchanged
Attack Complexity
Low
Confidentiality Impact
High
Privileges Required
None
Integrity Impact
High
User Interaction
Required
Availability Impact
High
CVSS 3.1
Product Status
Vendor
MediaArea
Product
MediaInfoLib
Versions
Default:
unaffected
Version 26.01 is affected
Credits
Discovered by Dimitrios Tatsis of Cisco TALOS
References
https://talosintelligence.com/vulnerability_reports/TALOS-2026-2367
Problem Types
CWE-191: Integer Underflow (Wrap or Wraparound)
CWE