https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-06-25T13:43:29.660074+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/e514e46d-c445-4f1c-8495-23487eed2746/exporte514e46d-c445-4f1c-8495-23487eed27462026-06-25T13:43:29.679587+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "e514e46d-c445-4f1c-8495-23487eed2746", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8461", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3moxnj6hlft2l", "content": "2/ \ud83c\udfac PATCH NOW. PixelSmash (CVE-2026-8461, CVSS 8.8) in FFmpeg's video decoder. One malicious AVI/MKV/MOV file can compromise Jellyfin, Kodi, OBS, Emby, Nextcloud. Zero click on home servers. Fix: FFmpeg 8.1.2, released June 17. (JFrog/BleepingComputer)", "creation_timestamp": "2026-06-23T14:49:42.854403Z"}2026-06-23T14:49:42.854403+00:00https://vulnerability.circl.lu/sighting/b2c74d06-cd5b-462b-8eb5-202a6eef8616/exportb2c74d06-cd5b-462b-8eb5-202a6eef86162026-06-25T13:43:29.679523+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "b2c74d06-cd5b-462b-8eb5-202a6eef8616", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8461", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3moxnj6hmf32l", "content": "2/ \ud83c\udfac PATCH NOW. PixelSmash (CVE-2026-8461, CVSS 8.8) in FFmpeg's video decoder. One malicious AVI/MKV/MOV file can compromise Jellyfin, Kodi, OBS, Emby, Nextcloud. Zero click on home servers. Fix: FFmpeg 8.1.2, released June 17. (JFrog/BleepingComputer)", "creation_timestamp": "2026-06-23T14:49:43.689672Z"}2026-06-23T14:49:43.689672+00:00https://vulnerability.circl.lu/sighting/1de690d9-f670-4e9a-a238-18f68711c23b/export1de690d9-f670-4e9a-a238-18f68711c23b2026-06-25T13:43:29.679460+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "1de690d9-f670-4e9a-a238-18f68711c23b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8461", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3moxnj6hned2l", "content": "2/ \ud83c\udfac PATCH NOW. PixelSmash (CVE-2026-8461, CVSS 8.8) in FFmpeg's video decoder. One malicious AVI/MKV/MOV file can compromise Jellyfin, Kodi, OBS, Emby, Nextcloud. Zero click on home servers. Fix: FFmpeg 8.1.2, released June 17. (JFrog/BleepingComputer)", "creation_timestamp": "2026-06-23T14:49:44.548665Z"}2026-06-23T14:49:44.548665+00:00https://vulnerability.circl.lu/sighting/748ab998-bebf-45e5-98f9-8758b4cf8935/export748ab998-bebf-45e5-98f9-8758b4cf89352026-06-25T13:43:29.679398+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "748ab998-bebf-45e5-98f9-8758b4cf8935", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8461", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3moxnj6hnee2l", "content": "2/ \ud83c\udfac PATCH NOW. PixelSmash (CVE-2026-8461, CVSS 8.8) in FFmpeg's video decoder. One malicious AVI/MKV/MOV file can compromise Jellyfin, Kodi, OBS, Emby, Nextcloud. Zero click on home servers. Fix: FFmpeg 8.1.2, released June 17. (JFrog/BleepingComputer)", "creation_timestamp": "2026-06-23T14:49:45.376469Z"}2026-06-23T14:49:45.376469+00:00https://vulnerability.circl.lu/sighting/b9877a56-051e-48fd-ac71-1975eb2ba779/exportb9877a56-051e-48fd-ac71-1975eb2ba7792026-06-25T13:43:29.679336+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "b9877a56-051e-48fd-ac71-1975eb2ba779", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8461", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3moxnj6hnef2l", "content": "2/ \ud83c\udfac PATCH NOW. PixelSmash (CVE-2026-8461, CVSS 8.8) in FFmpeg's video decoder. One malicious AVI/MKV/MOV file can compromise Jellyfin, Kodi, OBS, Emby, Nextcloud. Zero click on home servers. Fix: FFmpeg 8.1.2, released June 17. (JFrog/BleepingComputer)", "creation_timestamp": "2026-06-23T14:49:46.203064Z"}2026-06-23T14:49:46.203064+00:00https://vulnerability.circl.lu/sighting/7f38a974-219a-42cb-9399-0ed078b05f2b/export7f38a974-219a-42cb-9399-0ed078b05f2b2026-06-25T13:43:29.679274+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "7f38a974-219a-42cb-9399-0ed078b05f2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8461", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3moyq2yopls23", "content": "FFmpeg \u306e MagicYUV\u30c7\u30b3\u30fc\u30c0\u30fc\u306b\u6df1\u523b\u306a\u8106\u5f31\u6027 PixelSmash-CVE-2026-8461\nrocket-boys.co.jp/security-mea...\n\n#\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5bfe\u7b56Lab #security #securitynews", "creation_timestamp": "2026-06-24T01:08:07.265584Z"}2026-06-24T01:08:07.265584+00:00https://vulnerability.circl.lu/sighting/9923d8ac-233c-430f-b9eb-05e4ef84d73b/export9923d8ac-233c-430f-b9eb-05e4ef84d73b2026-06-25T13:43:29.679210+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "9923d8ac-233c-430f-b9eb-05e4ef84d73b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8461", "type": "seen", "source": "https://bsky.app/profile/niiqo.bsky.social/post/3mozp3ef3og2w", "content": "PixelSmash : une faille FFmpeg expose Jellyfin au RCE\n\nwww.it-connect.fr/pixelsmash-u...\n\nPixelSmash est une faille critique de FFmpeg (CVE-2026-8461) permettant d'ex\u00e9cuter du code \u00e0 distance sur un serveur Jellyfin via un simple fichier vid\u00e9o pi\u00e9g\u00e9.\n\nLe post PixelSmash : une faille FFmp\u2026", "creation_timestamp": "2026-06-24T10:23:05.659368Z"}2026-06-24T10:23:05.659368+00:00https://vulnerability.circl.lu/sighting/ca4465ef-2f93-41ed-bfcf-d017435f84b6/exportca4465ef-2f93-41ed-bfcf-d017435f84b62026-06-25T13:43:29.679139+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "ca4465ef-2f93-41ed-bfcf-d017435f84b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8461", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3mp2hd3u43l2q", "content": "A critical vulnerability, CVE-2026-8461 (\"PixelSmash\"), in FFmpeg's MagicYUV decoder allows remote code execution via crafted media files. The flaw, with a CVSS score of 8.8, affects applications like Kodi and Jellyfin, enabling attackers to exploit the bug through media file uploads.", "creation_timestamp": "2026-06-24T17:36:55.452364Z"}2026-06-24T17:36:55.452364+00:00https://vulnerability.circl.lu/sighting/c591dca3-d64a-41dc-bcee-3df97e422e33/exportc591dca3-d64a-41dc-bcee-3df97e422e332026-06-25T13:43:29.679051+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "c591dca3-d64a-41dc-bcee-3df97e422e33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8461", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mp2j3hfug4n2", "content": "PixelSmash flaw turns video files into attack tools Researchers have found a critical FFmpeg flaw that could let attackers use a malicious video file to compromise vulnerable systems. A newly disco...\n\n#Bugs #News #CVE-2026-8461 #ffmpeg #MagicYUV\n\nOrigin | Interest | Match", "creation_timestamp": "2026-06-24T18:08:30.237137Z"}2026-06-24T18:08:30.237137+00:00https://vulnerability.circl.lu/sighting/1a1b4672-0df4-44bd-83de-0a9d8baec957/export1a1b4672-0df4-44bd-83de-0a9d8baec9572026-06-25T13:43:29.676210+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "1a1b4672-0df4-44bd-83de-0a9d8baec957", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8461", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mp2jk54sbh2c", "content": "PixelSmash CVE-2026-8461: The Tiny Video File Flaw That Could Give Attackers Control Over FFmpeg Systems +\u00a0Video\n\nIntroduction: When a Simple Video Preview Becomes a Security Threat Modern technology depends heavily on invisible software layers that most users never notice. Every time a computer\u2026", "creation_timestamp": "2026-06-24T18:16:35.843454Z"}2026-06-24T18:16:35.843454+00:00