These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2026-28764 describes a heap-based buffer overflow in MediaArea MediaInfoLib’s LXF element parsing path. The supplied CVSS vector rates it HIGH with local access and user interaction required, and the impact is recorded as high across confidentiality, integrity, and availability.
CVE-2026-22554 is a high-severity heap-based buffer overflow in MediaArea MediaInfoLib’s channel splitting logic. The official NVD record cites a Talos CNA report and assigns a 7.8 CVSS score, with local access and user interaction required. Organizations that embed or ship MediaInfoLib should confirm whether they rely on affected builds and prioritize updates or compensating controls once vendor guidance [truncated]