PatchSiren cyber security CVE debrief
CVE-2026-30121 remotion-dev CVE debrief
CVE-2026-30121 is an arbitrary file write vulnerability in remotion-dev remotion v4.0.409. The vulnerability was publicly disclosed on June 15, 2026. The CVE record was published on [cve-org](https://www.cve.org/CVERecord?id=CVE-2026-30121) and additional details can be found on [nvd](https://nvd.nist.gov/vuln/detail/CVE-2026-30121). A source reference is available at [ref-4](https://github.com/EaEa0001/security-advisories/blob/main/CVE-2026-30121.md).
- Vendor
- remotion-dev
- Product
- remotion
- CVSS
- Unknown
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-15
- Original CVE updated
- 2026-06-15
- Advisory published
- 2026-06-15
- Advisory updated
- 2026-06-15
Who should care
Users of remotion-dev remotion v4.0.409 should be aware of this arbitrary file write vulnerability and take necessary actions to mitigate the risk.
Technical summary
The vulnerability allows an attacker to write arbitrary files, potentially leading to security issues such as code execution or data tampering.
Defensive priority
High
Recommended defensive actions
- Update to a patched version of remotion-dev remotion if available.
- Review and restrict write permissions to sensitive files and directories.
- Monitor for suspicious activity and implement additional security measures as needed.
Evidence notes
The CVE record and NVD details indicate an arbitrary file write vulnerability in remotion-dev remotion v4.0.409.
Official resources
-
CVE-2026-30121 CVE record
CVE.org
-
CVE-2026-30121 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-30121 was publicly disclosed on June 15, 2026.