OSV-2026-728

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/mpv/OSV-2026-728.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2026-728
Published
2026-05-14T00:08:29.997657Z
Modified
2026-05-14T14:33:42.735551Z
Summary
Stack-buffer-overflow in autoload_external_files
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=512622269

Crash type: Stack-buffer-overflow READ 4
Crash state:
autoload_external_files
load_external_opts_thread
worker_thread
References

Affected packages

OSS-Fuzz / mpv

Package

Name
mpv
Purl
pkg:generic/mpv

Affected ranges

Type
GIT
Repo
https://github.com/mpv-player/mpv
Events
Introduced
0cfd52074b50df623f9fa9fd9ad0ba4657311398
Fixed
6bdacac99153b5a487d108e11d2f8d7678afd2fd
Fixed
21351a058030cc67e50be138ca7bd4f96b448db2

Affected versions

v0.*
v0.39.0
v0.40.0
v0.41.0

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific

introduced_range 
"unknown:0cfd52074b50df623f9fa9fd9ad0ba4657311398"
source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/mpv/OSV-2026-728.yaml"
fixed_range 
"7732c305a5d23c145e84a54eaf1695f263bf9210:21351a058030cc67e50be138ca7bd4f96b448db2"