CVE-2026-3086
Awaiting Analysis Awaiting Analysis - Queue
Out-of-Bounds Write in GStreamer H.266 Parser Enables RCE

Publication date: 2026-03-16

Last updated on: 2026-03-17

Assigner: Zero Day Initiative

Description
GStreamer H.266 Codec Parser Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the processing of APS units. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28911.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-16
Last Modified
2026-03-17
Generated
2026-05-07
AI Q&A
2026-03-16
EPSS Evaluated
2026-05-05
NVD
CVE-2026-3086
EUVD
EUVD-2026-12131
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
gstreamer gstreamer to 1.28.1 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, you should update GStreamer to the latest version where this issue has been addressed and corrected.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

I don't know


Can you explain this vulnerability to me?

CVE-2026-3086 is a remote code execution vulnerability in the GStreamer H.266 codec parser related to the processing of APS units.

The flaw occurs because of improper validation of user-supplied data, which leads to an out-of-bounds write past the end of an allocated buffer.

Exploiting this vulnerability requires interaction with the GStreamer library, and attack methods may vary depending on how it is implemented.

If successfully exploited, an attacker can execute arbitrary code within the context of the current process.


How can this vulnerability impact me? :

This vulnerability allows remote attackers to execute arbitrary code on affected systems running the GStreamer H.266 codec parser.

Successful exploitation can lead to full compromise of the affected process, potentially allowing attackers to take control of the system or cause denial of service.

Because the vulnerability involves out-of-bounds memory writes, it can be leveraged to run malicious code, steal data, or disrupt normal operations.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart