Gstreamer: Two Important Flaws Including Heap Write and DTLS Overflow Disclosed Together
Gstreamer framework affected by two "important" vulnerabilities: heap out-of-bounds write and DTLS stack buffer overflow, alongside a low-severity WebRTC flaw.

Key findings
- Two "important" vulnerabilities (CVSSv3 7.1 and 7.5) disclosed in Gstreamer on July 7-8, 2026.
- Heap out-of-bounds write in rfbsrc/librfb (CVE-2026-59691) and stack buffer overflow in DTLS verification (CVE-2026-59692).
- WebRTC component vulnerable to accepting SDP without fingerprint due to inverted check (CVE-2026-14935).
- Batch of three vulnerabilities disclosed within a 9-hour window.
On July 7-8, 2026, a batch of three vulnerabilities was disclosed for the Gstreamer multimedia framework. Two of these vulnerabilities, CVE-2026-59691 and CVE-2026-59692, were rated as "important" with CVSSv3 scores of 7.1 and 7.5 respectively, while CVE-2026-14935 was rated as "low" with a score of 3.7. These disclosures highlight potential security weaknesses within Gstreamer's handling of remote frame buffer protocols and DTLS certificates, as well as its WebRTC capabilities.
CVE-2026-59691, a heap out-of-bounds write vulnerability, resides within the rfbsrc/librfb component when processing 16bpp framebuffers using the Hextile encoding. This type of vulnerability can lead to memory corruption, potentially allowing an attacker to crash the application or execute arbitrary code.
CVE-2026-59692 involves a stack buffer overflow in the DTLS certificate verification process, specifically within the openssl_verify_callback function. This flaw could be exploited by an attacker presenting a malicious DTLS certificate, potentially leading to denial-of-service or code execution.
The third vulnerability, CVE-2026-14935, is related to Gstreamer's WebRTC implementation (webrtcbin). It allows the acceptance of remote SDP (Session Description Protocol) without the expected a=fingerprint attribute due to an inverted presence check. While rated as low severity, this could potentially be chained with other vulnerabilities or impact the security and integrity of WebRTC connections.
The disclosure of these vulnerabilities within a short 9-hour window indicates a coordinated release of security information. Users of Gstreamer are advised to review the specific components affected and apply any available patches or updates to mitigate these risks. The nature of these bugs, affecting core components like remote frame buffer handling, DTLS, and WebRTC, underscores the importance of keeping multimedia frameworks up-to-date to protect against potential exploitation.