Freedesktop Gst-plugins-good — known CVE vulnerabilities
Every CVE whose affected-product data names Freedesktop Gst-plugins-good, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2026-1940 — CVSS 5.1 (medium): An incomplete fix for CVE-2024-47778 allows an out-of-bounds read in gst_wavparse_adtl_chunk() function. The patch added a size validation…
CVE-2026-46469 — CVSS 4.0 (medium): An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemux_parse_trak…
CVE-2026-46470 — CVSS 4.0 (medium): An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemux_audio_caps…