THREATOPS
THREAT OPSThreat News › [NVD] CVE-2026-52718 (MEDIUM 6.5) — A denial of service vulnerability was found in GStreamer's AV1 codec parser in gst-plugins-bad. The gst_av1_parser_parse_tile_list_obu() function passes a byte count to a bit-reader API that expects a bit count, causing parser desynchronization. A remote attacker could trick a us

[NVD] CVE-2026-52718 (MEDIUM 6.5) — A denial of service vulnerability was found in GStreamer's AV1 codec parser in gst-plugins-bad. The gst_av1_parser_parse_tile_list_obu() function passes a byte count to a bit-reader API that expects a bit count, causing parser desynchronization. A remote attacker could trick a us

mednvdPublished 2026-06-15

CVE-2026-52718 CVSS: 6.5 MEDIUM Published: 2026-06-15T20:16:32.317

A denial of service vulnerability was found in GStreamer's AV1 codec parser in gst-plugins-bad. The gst_av1_parser_parse_tile_list_obu() function passes a byte count to a bit-reader API that expects a bit count, causing parser desynchronization. A remote attacker could trick a user into opening a specially crafted AV1 media file,

Indicators of compromise

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-52718