CVE Catalog

CVE-2026-52721

MediumCVSS 5.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.11%

1th percentile — higher than 1% of all known CVEs

Summary

Multiple out-of-bounds read vulnerabilities were found in GStreamer's pcapparse element. Malformed PCAP records can trigger reads beyond buffer boundaries during IPv4/TCP header parsing.

Risk Assessment

This vulnerability could lead to application crashes or information disclosure if a local attacker tricks a user into processing a specially crafted PCAP file.

Recommendation

It is recommended to restrict access to PCAP file processing functions and monitor the use of the pcapparse element to minimize risk.

Original NVD description (English source)

Multiple out-of-bounds read vulnerabilities were found in GStreamer's pcapparse element. Malformed PCAP records can trigger reads beyond buffer boundaries during IPv4/TCP header parsing. This element is primarily used in debugging pipelines, limiting real-world exposure. A local attacker could trick a user into processing a specially crafted PCAP file, potentially leading to a crash or information disclosure.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS