CVE-2026-30998: An improper resource deallocation and closure vulnerability in the tools/zmqsend.c component of FFmpeg v8.0.1 allows att

Description

An improper resource deallocation and closure vulnerability in the tools/zmqsend.c component of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via supplying a crafted input file.

Affected Products

Vendor	Product	Versions
ffmpeg	ffmpeg	n/a

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
open source	ffmpeg	cert_advisory	90%

References

Related News (2 articles)

Tier B

BSI Advisories6h ago

[NEU] [mittel] ffmpeg: Mehrere Schwachstellen ermöglichen Denial of Service

→ No new info (linked only)

Tier C

VulDB1d ago

CVE-2026-30998 | FFmpeg 8.0.1 File tools/zmqsend.c denial of service

→ No new info (linked only)

CVSS 3.17.5 HIGH

VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA KEV❌ No

Actively exploited✅ Yes

CWECWE-400

PublishedApr 13, 2026

Last enriched13h agov2

Trending Score66

Source articles2

Independent2

Info Completeness6/14

Missing: cvss, epss, cwe, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

Version History

Last enriched 13h ago

v2Tier C23h ago

Updated vendor to FFmpeg, product to File Handler, severity to HIGH, and noted that the vulnerability is actively exploited.

descriptionaffectedVersionsseverityactivelyExploited

via VulDB

v11d ago

Initial creation

CVE-2026-30998: An improper resource deallocation and closure vulnerability in the tools/zmqsend.c component of FFmpeg v8.0.1 allows att

Description

Affected Products

Also Affects

References

Related News (2 articles)

Community Vote

Related CVEs (3)

Pin to Dashboard

Verification

Vulnerability Timeline

Version History