PatchSiren cyber security CVE debrief
CVE-2026-52721 Red Hat CVE debrief
CVE-2026-52721 is a MEDIUM-severity vulnerability with a CVSS score of 5.3. The vulnerability affects GStreamer's pcapparse element, which is primarily used in debugging pipelines. A local attacker could trick a user into processing a specially crafted PCAP file, potentially leading to a crash or information disclosure.
- Vendor
- Red Hat
- Product
- Red Hat Enterprise Linux 10
- CVSS
- MEDIUM 5.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-15
- Original CVE updated
- 2026-06-15
- Advisory published
- 2026-06-15
- Advisory updated
- 2026-06-15
Who should care
Users of GStreamer, particularly those who process PCAP files, should be aware of this vulnerability. However, the primary exposure is limited due to the element's use mainly in debugging pipelines.
Technical summary
Multiple out-of-bounds read vulnerabilities were found in GStreamer's pcapparse element. Malformed PCAP records can trigger reads beyond buffer boundaries during IPv4/TCP header parsing.
Defensive priority
MEDIUM
Recommended defensive actions
- Review and update GStreamer installations to ensure the latest security patches are applied.
- Be cautious when processing PCAP files from untrusted sources.
Evidence notes
The CVE was published on 2026-06-15T20:16:32.700Z and last modified on 2026-06-15T21:09:52.020Z. The vendor is listed as Unknown Vendor, but evidence suggests a connection to Redhat.
Official resources
CVE-2026-52721 was published on 2026-06-15T20:16:32.700Z and last modified on 2026-06-15T21:09:52.020Z.