Libde265

This hub aggregates every CVE we track for Libde265, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Libde265.

• CVE-2026-49346libde265 has a heap buffer overflow in de265_image_get_buffer via SPS dimension integer overflow7.1Jun 19, 2026
• CVE-2026-49295libde265 has an out-of-bounds write in process_reference_picture_set via predicted short-term RPS7.1Jun 19, 2026
• CVE-2026-49337libde265 has an unbounded memory leak via orphaned slice headers in `read_slice_NAL`4.3Jun 19, 2026
• CVE-2026-33164NULL Pointer Dereference in libde2657.5Mar 20, 2026
• CVE-2026-33165heap out-of-bounds write in libde265 1.0.165.5Mar 20, 2026
• CVE-2025-61147strukturag libde265 commit d9fea9d wa discovered to contain a segmentation fault via the component decoder_context::compute_framedrop_table().6.2Feb 23, 2026
• CVE-2024-38949Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to display444as420 function at sdl.cc6.5Jun 26, 2024
• CVE-2024-38950Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to __interceptor_memcpy function.6.5Jun 26, 2024
• CVE-2023-51792Buffer Overflow vulnerability in libde265 v1.0.12 allows a local attacker to cause a denial of service via the allocation size exceeding the maximum supported size of 0x10000000000.3.3Apr 19, 2024
• CVE-2023-49467Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derive_combined_bipredictive_merging_candidates function at motion.cc.8.8Dec 7, 2023
• CVE-2023-49465Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function at motion.cc.8.8Dec 7, 2023
• CVE-2023-49468Libde265 v1.0.14 was discovered to contain a global buffer overflow vulnerability in the read_coding_unit function at slice.cc.8.8Dec 7, 2023
• CVE-2023-43887Libde265 v1.0.12 was discovered to contain multiple buffer overflows via the num_tile_columns and num_tile_row parameters in the function pic_parameter_set::dump.8.1Nov 22, 2023
• CVE-2023-47471Buffer Overflow vulnerability in strukturag libde265 v1.10.12 allows a local attacker to cause a denial of service via the slice_segment_header function in the slice.cc component.6.5Nov 16, 2023
• CVE-2023-27102Libde265 v1.0.11 was discovered to contain a segmentation violation via the function decoder_context::process_slice_segment_header at decctx.cc.6.5Mar 15, 2023