A newly disclosed flaw in FFmpeg named "PixelSmash" can be exploited to execute remote code on Jellyfin servers under certain conditions, and can potentially cause a denial-of-service condition in applications such as Kodi, Emby, Nextcloud, PhotoPrism, and OBS Studio.
This vulnerability, tracked as CVE-2026-8461, is a heap out-of-bounds write in the MagicYUV decoder. It has a high severity score of 8.8 and can be exploited via malicious video files in AVI, MKV, or MOV formats.
Any application that uses libavcodec, FFmpeg's core library for video decoding and encoding, is considered vulnerable.
However, remote code execution (RCE) is possible if Address Space Layout Randomization (ASLR) protection is disabled, or by chaining another vulnerability to disable the protection.
Root cause and impact
Researchers at software supply chain security company JFrog say PixelSmash stems from the way MagicYUV handles slices, which are independent regions of a video frame that can be decoded separately from the rest of the image.
"This vulnerability is a single-line heap buffer overflow in the MagicYUV decoder's slicing process, caused by a mismatch between the frame allocator and how the decoder calculates the chroma plane height," JFrog explains.

PixelSmash can be triggered when a user opens an AVI, MKV, or MOV video file, browses a directory containing the file (via thumbnail generation), or runs an automatic media ingestion workflow.
JFrog found that several popular media applications, including Kodi, OBS Studio, PhotoPrism, and GNOME/KDE/XFCE thumbnail generators, use FFmpeg with the MagicYUV decoder enabled and are therefore vulnerable to PixelSmash attacks.
Slack, Discord, Telegram, and WhatsApp also use FFmpeg to generate server-side video previews, so they may also be susceptible to PixelSmash attacks, but have not been tested.

JFrog Principal Researcher Yuval Moravchick demonstrated that PixelSmash can be used for remote code execution on Jellyfin and Nextcloud (movie preview enabled) instances.
"To demonstrate real-world impact, we achieved full remote code execution against a Jellyfin 10.11.9 media server, the second most popular self-hosted media server (after Plex), through a typical media library scanning pipeline," JFrog said.
"Attack vector: Downloading a crafted MagicYUV AVI to a media library -> Jellyfin automatically triggers ffprobe for metadata extraction -> OOB writes are initiated -> AVBuffer.free is hijacked to system() -> Arbitrary commands are executed as the jellyfin service user."
However, Moravchick pointed out that the RCE exploit requires ASLR (Address Space Layout Randomization) to be disabled, and CVE-2026-8461 alone cannot bypass this memory protection.
In theory, another information-leak bug in FFmpeg's FlashSV decoder could be chained with PixelSmash to bypass ASLR.
Another attack scenario is via torrent downloads, which requires no user interaction. Researchers say an attacker could seed a malicious video targeting Jellyfin users who specify the application's media library folder as the download destination.
"Jellyfin's real-time file system monitor detects new files and automatically triggers an ffprobe metadata scan. During the scan, the exploit fires. AVBuffer.free is hijacked to system() and the attacker's reverse shell commands are executed as the Jellyfin service user."
Even when RCE is prevented or impossible, CVE-2026-8461 should be sufficient to reliably achieve a denial-of-service (DoS) condition on a vulnerable target.
Researchers found that Plex, a very popular media server, was using a custom FFmpeg build. This build disables the decoder and enables a minimal allow list, effectively mitigating the risks of PixelSmash.
Apart from FFmpeg releasing version 8.1.2, which fixes this flaw, Jellyfin has also updated its bundled FFmpeg version, and PhotoPrism is working on adding a file format blocklist to prevent potential exploits.
The Nextcloud team received the report via HackerOne, but declined to address the flaw because it exists outside of Nextcloud.
JFrog discovered PixelSmash (CVE-2026-8461) and reported it to the FFmpeg security team on May 13th. The developers addressed this issue in version 8.1.2, released on June 17th.
The researchers warn that PixelSmash has a huge attack surface, as the MagicYUV decoder is present in hundreds of projects that "rely on FFmpeg to securely handle untrusted input", turning this vulnerability into a supply chain issue.
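The three conditions the article names (MagicYUV decoder enabled, an FFmpeg release older than 8.1.2, and the ASLR state) can be checked on a host. The script below is an added example, not code from JFrog or the FFmpeg project; its function names and sample inputs are constructed for illustration, and the version comparison is a heuristic because distribution packages may carry backported fixes.

```shell
#!/bin/sh
# Added example: classify a host's PixelSmash (CVE-2026-8461) exposure.
FIXED_VERSION="8.1.2"   # fixed release named in the article

# Release number from the first line of `ffmpeg -version`.
# Prints nothing for git snapshot builds, which carry no release number.
ffmpeg_release() {
    printf '%s\n' "$1" | sed -n '1s/^ffmpeg version \([0-9][0-9.]*\).*/\1/p'
}

# True when dotted version $1 is strictly lower than $2.
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        for (i = 1; i <= (n > m ? n : m); i++) {
            if ((x[i] + 0) < (y[i] + 0)) exit 0
            if ((x[i] + 0) > (y[i] + 0)) exit 1
        }
        exit 1
    }'
}

# True when the `ffmpeg -decoders` listing contains the magicyuv video decoder.
has_magicyuv() {
    printf '%s\n' "$1" | grep -Eq '^ *V[A-Z.]+ +magicyuv( |$)'
}

# Args: version banner, decoder listing, kernel.randomize_va_space value.
pixelsmash_exposure() {
    if ! has_magicyuv "$2"; then echo "no-decoder"; return; fi
    rel=$(ffmpeg_release "$1")
    if [ -z "$rel" ]; then echo "unknown-version"; return; fi
    if ! version_lt "$rel" "$FIXED_VERSION"; then echo "patched"; return; fi
    # Per the article: a crash (DoS) is possible either way; the demonstrated
    # RCE additionally needed ASLR disabled (randomize_va_space = 0).
    if [ "$3" = "0" ]; then echo "vulnerable-aslr-off"; else echo "vulnerable-aslr-on"; fi
}

# Constructed sample inputs, so the script runs without FFmpeg installed.
SAMPLE_BANNER='ffmpeg version 7.1.1 Copyright (c) 2000-2025 the FFmpeg developers'
SAMPLE_DECODERS=' V....D magicyuv             MagicYUV video
 VF..BD mpeg4                MPEG-4 part 2'
pixelsmash_exposure "$SAMPLE_BANNER" "$SAMPLE_DECODERS" 2

# Live use on a Linux host:
#   pixelsmash_exposure "$(ffmpeg -version)" "$(ffmpeg -hide_banner -decoders)" \
#       "$(cat /proc/sys/kernel/randomize_va_space)"
```

Run the check against the FFmpeg binary an application actually bundles (for example the one shipped with a media server), not only the system-wide one.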
