Heap-Based Buffer Overflow in MediaArea MediaInfoLib
CVE-2026-25104

7.8HIGH

Key Information:

Vendor: Mediaarea
Status: Mediainfolib
Vendor: CVE Published:; 26 May 2026

What is CVE-2026-25104?

The vulnerability in MediaArea's MediaInfoLib arises from a heap-based buffer overflow during LXF file parsing, which can lead to potential execution of arbitrary code. This flaw could allow an attacker to exploit affected systems by crafting specific LXF files, posing significant security risks. Users of MediaInfoLib should take immediate steps to update their software to mitigate potential threats and safeguard their data integrity.

Affected Version(s)

MediaInfoLib 26.01

References

https://talosintelligence.com/vulnerability_reports/TALOS...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 26, 2026
Vulnerability Reserved
Feb 6, 2026

Credit

Discovered by Dimitrios Tatsis of Cisco TALOS

CVE-2026-25104 Data

JSON

Mediaarea

What is CVE-2026-25104?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit