CVE-2026-52721
MediumCVSS 5.3Exploitation Probability (EPSS)
Low risk1th percentile — higher than 1% of all known CVEs
Summary
Multiple out-of-bounds read vulnerabilities were found in GStreamer's pcapparse element. Malformed PCAP records can trigger reads beyond buffer boundaries during IPv4/TCP header parsing.
Risk Assessment
This vulnerability could lead to application crashes or information disclosure if a local attacker tricks a user into processing a specially crafted PCAP file.
Recommendation
It is recommended to restrict access to PCAP file processing functions and monitor the use of the pcapparse element to minimize risk.
Original NVD description (English source)
Multiple out-of-bounds read vulnerabilities were found in GStreamer's pcapparse element. Malformed PCAP records can trigger reads beyond buffer boundaries during IPv4/TCP header parsing. This element is primarily used in debugging pipelines, limiting real-world exposure. A local attacker could trick a user into processing a specially crafted PCAP file, potentially leading to a crash or information disclosure.

