mediaarea CVE Vulnerabilities & Metrics

Focus on mediaarea vulnerabilities and metrics.

Last updated: 16 Jun 2026, 22:25 UTC

About mediaarea Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with mediaarea. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total mediaarea CVEs: 9
Earliest CVE date: 20 Apr 2019, 15:29 UTC
Latest CVE date: 26 May 2026, 09:16 UTC

Latest CVE reference: CVE-2026-25713

Rolling Stats

30-day Count (Rolling): 4
365-day Count (Rolling): 4

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical mediaarea CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 2.52

Max CVSS: 6.8

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	5
4.0-6.9	4
7.0-8.9	0
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS mediaarea CVEs

These are the five CVEs with the highest CVSS scores for mediaarea, sorted by severity first and recency.

CVE-2020-15395 mediaarea Published on 30 Jun 2020, 11:15 UTC (CVSS: 6.8)
In MediaInfoLib in MediaArea MediaInfo 20.03, there is a stack-based buffer over-read in Streams_Fill_PerStream in Multiple/File_MpegPs.cpp (aka an off-by-one during MpegPs parsing).
CVE-2020-26797 mediaarea Published on 18 Mar 2021, 20:15 UTC (CVSS: 5.0)
Mediainfo before version 20.08 has a heap buffer overflow vulnerability via MediaInfoLib::File_Gxf::ChooseParser_ChannelGrouping.
CVE-2019-11373 mediaarea Published on 20 Apr 2019, 15:29 UTC (CVSS: 4.3)
An out-of-bounds read in File__Analyze::Get_L8 in File__Analyze_Buffer.cpp in MediaInfoLib in MediaArea MediaInfo 18.12 leads to a crash.
CVE-2019-11372 mediaarea Published on 20 Apr 2019, 15:29 UTC (CVSS: 4.3)
An out-of-bounds read in MediaInfoLib::File__Tags_Helper::Synched_Test in Tag/File__Tags.cpp in MediaInfoLib in MediaArea MediaInfo 18.12 leads to a crash.
CVE-2020-36646 mediaarea Published on 07 Jan 2023, 20:15 UTC (CVSS: 2.3)
A vulnerability classified as problematic has been found in MediaArea ZenLib up to 0.4.38. This affects the function Ztring::Date_From_Seconds_1970_Local of the file Source/ZenLib/Ztring.cpp. The manipulation of the argument Value leads to unchecked return value to null pointer dereference. Upgrading to version 0.4.39 is able to address this issue. The identifier of the patch is 6475fcccd37c9cf...

All CVEs for mediaarea

CVE-2026-25713 mediaarea vulnerability CVSS: 0 26 May 2026, 09:16 UTC

MediaArea MediaInfoLib ID3v2 parsing heap buffer overflow vulnerability

CVE-2026-25104 mediaarea vulnerability CVSS: 0 26 May 2026, 09:16 UTC

MediaArea MediaInfoLib LXF parsing heap-based buffer overflow vulnerability

CVE-2026-28764 mediaarea vulnerability CVSS: 0 21 May 2026, 10:16 UTC

MediaArea MediaInfoLib LXF element parsing heap-based buffer overflow vulnerability

CVE-2026-22554 mediaarea vulnerability CVSS: 0 20 May 2026, 14:16 UTC

MediaArea MediaInfoLib Channel Splitting heap-based buffer overflow vulnerability

CVE-2020-36646 mediaarea vulnerability CVSS: 2.3 07 Jan 2023, 20:15 UTC

A vulnerability classified as problematic has been found in MediaArea ZenLib up to 0.4.38. This affects the function Ztring::Date_From_Seconds_1970_Local of the file Source/ZenLib/Ztring.cpp. The manipulation of the argument Value leads to unchecked return value to null pointer dereference. Upgrading to version 0.4.39 is able to address this issue. The identifier of the patch is 6475fcccd37c9cf17e0cfe263b5fe0e2e47a8408. It is recommended to upgrade the affected component. The identifier VDB-217629 was assigned to this vulnerability.

CVE-2020-26797 mediaarea vulnerability CVSS: 5.0 18 Mar 2021, 20:15 UTC

Mediainfo before version 20.08 has a heap buffer overflow vulnerability via MediaInfoLib::File_Gxf::ChooseParser_ChannelGrouping.

CVE-2020-15395 mediaarea vulnerability CVSS: 6.8 30 Jun 2020, 11:15 UTC

In MediaInfoLib in MediaArea MediaInfo 20.03, there is a stack-based buffer over-read in Streams_Fill_PerStream in Multiple/File_MpegPs.cpp (aka an off-by-one during MpegPs parsing).

CVE-2019-11373 mediaarea vulnerability CVSS: 4.3 20 Apr 2019, 15:29 UTC

An out-of-bounds read in File__Analyze::Get_L8 in File__Analyze_Buffer.cpp in MediaInfoLib in MediaArea MediaInfo 18.12 leads to a crash.

CVE-2019-11372 mediaarea vulnerability CVSS: 4.3 20 Apr 2019, 15:29 UTC

An out-of-bounds read in MediaInfoLib::File__Tags_Helper::Synched_Test in Tag/File__Tags.cpp in MediaInfoLib in MediaArea MediaInfo 18.12 leads to a crash.