Browse all 8 CVE security advisories affecting VideoLAN. AI-powered Chinese analysis, POCs, and references for each vulnerability.
VideoLAN develops VLC media player, a widely used open-source multimedia framework for playing various video formats across platforms. Historically, it has faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often related to improper input validation and memory handling. While no major security incidents have been widely documented, the project maintains a moderate CVE count with 8 records to date. Its security posture benefits from community-driven development and regular updates, though users should remain vigilant about applying patches promptly due to the potential for arbitrary code execution through malicious media files.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-26227 | VLC for Android < 3.7.0 Remote Access OTP Authentication Bypass — VLC for AndroidCWE-307 | 3.7 | Low | 2026-02-26 |
| CVE-2026-26228 | VLC for Android < 3.7.0 Remote Access Path Traversal — VLC for AndroidCWE-22 | 4.9 | Medium | 2026-02-26 |
This page lists every published CVE security advisory associated with VideoLAN. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.