
A critical vulnerability in FFmpeg, the widely used open-source multimedia framework, can be exploited through a specially crafted video file to achieve remote code execution (RCE).
Tracked as CVE-2026-8461 and dubbed “PixelSmash,” the flaw affects FFmpeg's MagicYUV decoder.
The vulnerability was discovered by JFrog researcher Yuval Moravchick, who detailed how a seemingly harmless 50 KB media file can trigger a heap out-of-bounds write, leading to application crashes and, under specific conditions, arbitrary command execution. According to the researcher, exploitation requires only that a target application process a malicious AVI, MKV, or MOV file containing a specially crafted MagicYUV video stream.
FFmpeg serves as the media-processing backbone for countless applications and services, including desktop media players, cloud transcoding platforms, video conferencing tools, self-hosted media servers, AI frameworks, and operating system thumbnail generators. Because the vulnerable decoder is enabled by default in FFmpeg builds, the flaw potentially impacts a vast ecosystem of downstream software that inherits the vulnerable code through its dependence on FFmpeg.
Among the affected products identified by JFrog are Kodi, mpv, OBS Studio, Jellyfin, Emby, Nextcloud, Immich, PhotoPrism, and Linux desktop thumbnail generators that rely on FFmpeg for preview generation. The researchers successfully demonstrated remote code execution against both Jellyfin and Nextcloud, showing that attackers could achieve code execution simply by uploading a malicious media file that is automatically processed by the target application.
Jellyfin, one of the most popular self-hosted media server platforms, was used as a primary proof-of-concept target. In the demonstrated attack chain, a crafted MagicYUV AVI file placed inside a monitored media library triggered Jellyfin's automated metadata scanning process. The server's bundled FFmpeg component processed the file, allowing the researchers to execute arbitrary commands as the Jellyfin service account. Similarly, Nextcloud installations using the optional movie preview provider were shown to be vulnerable when generating video thumbnails.
The root cause lies in a flaw within the MagicYUV decoder's handling of video slices. JFrog found that a mismatch between buffer allocation calculations and slice-processing logic can result in a one-row heap buffer overflow in chroma plane data. While initially appearing to be a denial-of-service issue, the researchers demonstrated that the overflow could overwrite adjacent FFmpeg heap structures, including an AVBuffer object containing function pointers. By manipulating these structures, they were able to redirect execution flow and launch attacker-controlled commands.
The report notes that the demonstrated RCE exploit required Address Space Layout Randomization (ASLR) to be disabled, limiting practical exploitation in default Linux environments. However, the researchers warned that additional information-disclosure vulnerabilities could be combined with PixelSmash in future attack chains to bypass modern mitigations. Even without code execution, the vulnerability can reliably crash affected applications and disrupt media-processing services.
JFrog characterized PixelSmash as a significant software supply chain vulnerability, noting that downstream projects inherit the issue via FFmpeg. Plex was one of the few tested products that reduced exposure by compiling FFmpeg with a restricted decoder allow-list rather than enabling all available codecs by default.
The vulnerability was privately reported to the FFmpeg security team on May 13, 2026, with a fix released in FFmpeg 8.1.2 on June 17, 2026. The CVE was published a day later, and JFrog released its technical analysis today.
Administrators and developers using FFmpeg are advised to update to the patched version immediately. Organizations unable to upgrade should consider disabling the MagicYUV decoder or applying the vendor-provided patch.
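
The following triage script is an added example, not code from JFrog's report or the FFmpeg project. It classifies a build from its `ffmpeg -version` and `ffmpeg -decoders` output, checking the two things the advice above turns on: whether the MagicYUV decoder is compiled in, and whether the version is below the 8.1.2 fix. The function names and the `FFMPEG_BIN` variable are hypothetical, and treating every version below 8.1.2 as unpatched is an assumption, since the script cannot see a fix backported by a distribution.

```shell
#!/bin/sh
# Added example: classify an FFmpeg build against the article's fix guidance.
FIXED="8.1.2"   # fixed release named in the article

# Dotted version from the first line of `ffmpeg -version`; empty for
# git snapshot builds such as "N-118000-g...".
parse_version() {
    printf '%s\n' "$1" |
        sed -n '1s/^ffmpeg version n\{0,1\}\([0-9][0-9.]*\).*/\1/p'
}

# Succeeds when dotted version $1 is strictly lower than $2.
version_lt() {
    [ "$1" = "$2" ] && return 1
    lowest=$(printf '%s\n%s\n' "$1" "$2" |
        sort -t. -k1,1n -k2,2n -k3,3n | head -n 1)
    [ "$lowest" = "$1" ]
}

# Succeeds when `ffmpeg -decoders` output ($1) lists the magicyuv decoder.
has_magicyuv() {
    printf '%s\n' "$1" |
        awk '$2 == "magicyuv" { found = 1 } END { exit !found }'
}

# $1 = `ffmpeg -version` text, $2 = `ffmpeg -decoders` text.
assess() {
    if ! has_magicyuv "$2"; then
        echo "decoder-absent"; return 0
    fi
    ver=$(parse_version "$1")
    if [ -z "$ver" ]; then
        echo "unknown-version"        # snapshot build: check the source revision
    elif version_lt "$ver" "$FIXED"; then
        echo "below-fixed-release"    # assumed unpatched unless backported
    else
        echo "fixed-release-or-later"
    fi
}

# Assumption: FFMPEG_BIN may point at a bundled binary instead of the system one.
bin="${FFMPEG_BIN:-ffmpeg}"
if command -v "$bin" >/dev/null 2>&1; then
    assess "$("$bin" -version 2>/dev/null)" "$("$bin" -hide_banner -decoders 2>/dev/null)"
fi
```

Applications that bundle their own FFmpeg need the check run against that binary, not only the system one. A build configured with FFmpeg's `--disable-decoder=magicyuv` option reports `decoder-absent`.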






