PixelSmash: Critical FFmpeg Flaw Threatens Media Servers, Apps with RCE and DoS
A newly uncovered vulnerability, dubbed 'PixelSmash' and tracked as **CVE-2026-8461**, poses a significant threat to popular media applications and servers. This high-severity heap out-of-bounds write in the **FFmpeg** MagicYUV decoder could lead to remote code execution on platforms like **Jellyfin** and denial-of-service in applications such as **Kodi**, **Emby**, and **OBS Studio**.

The **FFmpeg** project, a cornerstone of multimedia processing, is grappling with a critical flaw identified as 'PixelSmash'. This vulnerability, officially designated **CVE-2026-8461**, is a heap out-of-bounds write within the MagicYUV decoder, scoring a high-severity rating of 8.8.
### The PixelSmash Threat
Exploitation is possible through crafted video files in common formats such as AVI, MKV, or MOV. Any application leveraging **libavcodec**, **FFmpeg**'s core library for video decoding and encoding, is potentially vulnerable.

While remote code execution (RCE) is a primary concern, it often requires disabling Address Space Layout Randomization (**ASLR**) or chaining with another vulnerability to bypass this memory protection. However, a denial-of-service (DoS) condition is reliably achievable on affected targets, even without RCE.
### Root Cause and Impact
Researchers at software supply-chain security company **JFrog** pinpointed the flaw's origin: an inconsistency in how the MagicYUV decoder and frame allocator compute chroma plane heights when processing video slices. This leads to a one-row heap buffer overflow.

The vulnerability can be triggered through various user actions, including opening a malicious video file, browsing directories that generate thumbnails, or any automated media ingestion workflow.

**JFrog** identified numerous popular applications susceptible to PixelSmash, including **Kodi**, **OBS Studio**, **PhotoPrism**, and the thumbnail generators in **GNOME**, **KDE**, and **XFCE**. Messaging platforms like **Slack**, **Discord**, **Telegram**, and **WhatsApp**, which use **FFmpeg** for server-side video previews, may also be at risk, though they were not directly tested.
### Real-World Exploitation Scenarios
**JFrog** lead researcher **Yuval Moravchick** successfully demonstrated RCE against a **Jellyfin** 10.11.9 media server. The attack path involved downloading a crafted MagicYUV AVI file into the media library, which then triggered **Jellyfin**'s automatic `ffprobe` metadata extraction. During this process, the out-of-bounds write fired, hijacking `AVBuffer.free` to `system()`, leading to arbitrary command execution as the **Jellyfin** service user.

Another potential attack vector, requiring no user interaction, involves torrent downloads. An attacker could seed a malicious video targeting **Jellyfin** users whose download directories are monitored by the application. The real-time file system monitor would detect the new file, initiating an `ffprobe` scan and triggering the exploit.

While **Plex**, another widely used media server, was found to be largely immune due to its custom **FFmpeg** build with disabled decoders and a minimal allowlist, other applications remain exposed.
### Remediation and Supply Chain Concerns
**JFrog** discovered **PixelSmash** and reported it to the **FFmpeg** security team on May 13. The vulnerability was addressed in **FFmpeg** version 8.1.2, released on June 17. **Jellyfin** has also updated its bundled **FFmpeg** version, and **PhotoPrism** is implementing a file format blocklist to mitigate risks.

However, **Nextcloud** declined to address the flaw, saying that it exists outside of their core application. Researchers emphasize the vast attack surface of PixelSmash: the MagicYUV decoder is present in hundreds of projects that rely on **FFmpeg** to handle untrusted input, which makes this a significant supply-chain security issue.
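
The allowlist approach credited above for **Plex**, and the format blocklist **PhotoPrism** is adopting, can also be applied at ingestion time, before a file reaches `ffprobe`. The following is an added example, not code from JFrog, FFmpeg or any project named here: it parses an AVI's RIFF headers and admits the file only if every video stream declares an allowed FourCC. The allowlist contents, all function names and the constructed sample file are assumptions, and MKV and MOV would need their own parsers.

```python
import struct
# Assumption: FourCCs this pipeline agrees to decode; set per deployment.
ALLOWED_FOURCCS = {b"H264", b"MJPG"}

def _walk(buf, start, end, found, depth=0):
    """Recurse through RIFF chunks, collecting video-stream biCompression tags."""
    if depth > 8:
        raise ValueError("LIST nesting too deep")
    pos, stream_type = start, None
    while pos + 8 <= end:
        cid, size = struct.unpack_from("<4sI", buf, pos)
        s, e = pos + 8, pos + 8 + size
        if e > end:                       # size field overruns its parent
            raise ValueError("malformed chunk")
        if cid == b"LIST" and size >= 4:
            _walk(buf, s + 4, e, found, depth + 1)
        elif cid == b"strh" and size >= 4:
            stream_type = bytes(buf[s:s + 4])     # 'vids', 'auds', ...
        elif cid == b"strf" and stream_type == b"vids":
            if size < 20:
                raise ValueError("short BITMAPINFOHEADER")
            found.append(bytes(buf[s + 16:s + 20]).upper())  # biCompression
        pos = e + (size & 1)              # chunks are padded to even length

def avi_video_fourccs(buf):
    """Return the declared codec FourCC of every video stream in an AVI."""
    if len(buf) < 12 or buf[:4] != b"RIFF" or buf[8:12] != b"AVI ":
        raise ValueError("not a RIFF/AVI file")
    found = []
    _walk(buf, 12, min(len(buf), 8 + struct.unpack_from("<I", buf, 4)[0]), found)
    return found

def ingest_allowed(buf):
    """Fail closed: unparsable files and files with no video stream are rejected."""
    try:
        tags = avi_video_fourccs(buf)
    except ValueError:
        return False
    return bool(tags) and all(t in ALLOWED_FOURCCS for t in tags)

def _chunk(cid, data):
    return cid + struct.pack("<I", len(data)) + data + b"\0" * (len(data) & 1)

def sample_avi(fourcc):
    """Constructed header-only AVI whose single video stream declares `fourcc`."""
    strf = struct.pack("<IiiHH4s", 40, 16, 16, 1, 24, fourcc) + b"\0" * 20
    strl = b"strl" + _chunk(b"strh", b"vids" + fourcc + b"\0" * 48) + _chunk(b"strf", strf)
    hdrl = b"hdrl" + _chunk(b"avih", b"\0" * 56) + _chunk(b"LIST", strl)
    return _chunk(b"RIFF", b"AVI " + _chunk(b"LIST", hdrl))
```

A declared-codec gate like this narrows what reaches the decoder on hosts that cannot be patched immediately; it does not replace updating to **FFmpeg** 8.1.2.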