Vulnerabilities

Report: CVE-2026-5673 - Libtheora: libtheora: denial of service or information disclosure via malformed a

2026-04-06 0 views admin

CVE ID :CVE-2026-5673 Published : April 6, 2026, 10:16 a.m. | 1 hour, 11 minutes ago Description :A flaw was found in libtheora. This heap-based out-of-bounds read vulnerability exists within the AVI (Audio Video Interleave) parser, specifically in the avi_parse_input_file() function. A local attacker could exploit this by tricking a user into opening a specially crafted AVI file containing a truncated header sub-chunk. This could lead to a denial-of-service (application crash) or potentially leak sensitive information from the heap. Severity: 5.6 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-5673

Severity

MEDIUM

Published

April 6, 2026

Attack Vector: local

🏷️ Tags

reportlibtheoradenialserviceinformationdisclosuremalformedpublishedcvecve-2026-5673

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2026-5673 - Libtheora: libtheora: denial of service or information disclosure via malformed a

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: CVE-2026-5661 - Free5GC NGSetupRequest denial of service

Report: CVE-2026-5663 - OFFIS DCMTK storescp storescp.cc executeOnEndOfStudy os command injection

Report: - OpenAirInterface AMF NGAP Message Validation Crash CVE-2026-30078

Report: CVE-2026-5659 - pytries datrie trie File datrie.pyx Trie.__setstate__ deserialization

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting

Report: CVE-2026-5659 - pytries datrie trie File datrie.pyx Trie.setstate deserialization