Search
Search is not available in local development.
Run npx pagefind --site __site after building to enable it.
JLSEC-2026-641

JLSEC-2026-641

JLSEC Published
Modified
Affected Packages
FFMPEG_jll < 8.0.0+0
FFplay_jll < 8.1.2+0
Aliases / Upstream
CVE-2025-10256

A NULL pointer dereference vulnerability exists in FFmpeg’s Firequalizer filter (libavfilter/affirequalizer.c) due to a missing check on the return value of avmallocarray() in the configinput() function. An attacker could exploit this by tricking a victim into processing a crafted media file with the Firequalizer filter enabled, causing the application to dereference a NULL pointer and crash, leading to denial of service.

References