CyberRota
← Ana sayfaya dön

CVE-2026-53701

MEDIUM · CVSS 6.5 EPSS %0.21 Public Exploit

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-11T19:16:47.913 · Çekilme zamanı: 2026-06-30T18:19:37.758698+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

Public Exploit Sinyali

Bu CVE için açıklama veya referanslarda public exploit / PoC / GitHub / Metasploit sinyali tespit edildi.

Tespit Edilen Sinyaller
proof-of-concept

Not: Bu bağlantılar yalnızca güvenlik araştırması ve doğrulama amacıyla listelenmiştir.

CVE
CVE-2026-53701
Severity
MEDIUM
CVSS
6.5
EPSS
%0.21

Orijinal NVD Açıklaması

An out-of-bounds write vulnerability was found in GStreamer's H.266/VVC PPS picture partition parser in gst-plugins-bad. In the multi-slice-in-tile processing of gst_h266_parser_parse_picture_partition() (gsth266parser.c), the loop iterates without checking that the slice index stays within bounds, writing past three fixed-size arrays (slice_height_in_ctus, slice_top_left_ctu_x, slice_top_left_ctu_y) in the GstH266PPS structure. While the initial proof-of-concept demonstrated a 4-byte out-of-bounds write, the code permits larger writes across multiple iterations. A crafted H.266/VVC media file can trigger this vulnerability.