FFmpeg 'PixelSmash' Vulnerability Enables Remote Code Execution and DoS Attacks

A newly disclosed vulnerability in FFmpeg, named 'PixelSmash,' can be exploited for remote code execution on Jellyfin servers under specific conditions. The flaw also causes denial-of-service (DoS) conditions in applications such as Kodi, Emby, Nextcloud, PhotoPrism, and OBS Studio. The issue affects FFmpeg’s widely used video decoder, though no CVE ID or specific patch release date was mentioned. The impact includes potential unauthorized code execution and service disruption in affected software. No additional technical details, such as exploit vectors or affected FFmpeg versions, were provided.