CVE Field Guide
About Us
CVE-2026-28764
PUBLISHED
Assigner:
talos
Reserved:
09.03.2026
Published:
21.05.2026
Updated:
21.05.2026
MediaArea MediaInfoLib LXF element parsing heap-based buffer overflow vulnerability
Metrics
CVSS 3.1
CVSS Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS Score:
7.8
CVSS score
7.8
Attack Vector
Local
Scope
Unchanged
Attack Complexity
Low
Confidentiality Impact
High
Privileges Required
None
Integrity Impact
High
User Interaction
Required
Availability Impact
High
CVSS 3.1
Product Status
Vendor
MediaArea
Product
MediaInfoLib
Versions
Default:
unaffected
Version 26.01 is affected
Credits
Discovered by Dimitrios Tatsis of Cisco TALOS
References
https://talosintelligence.com/vulnerability_reports/TALOS-2026-2371
Problem Types
CWE-823: Use of Out-of-range Pointer Offset
CWE