OSV-2026-868

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libvpx/OSV-2026-868.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2026-868
Published
2026-06-07T00:02:13.674568Z
Modified
2026-06-07T00:02:13.674877Z
Summary
Use-of-uninitialized-value in vp8_regular_quantize_b_sse4_1
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=520318421

Crash type: Use-of-uninitialized-value
Crash state:
vp8_regular_quantize_b_sse4_1
macro_block_yrd
vp8_rd_pick_intra_mode
References

Affected packages

OSS-Fuzz / libvpx

Package

Name
libvpx
Purl
pkg:generic/libvpx

Affected ranges

Type
GIT
Repo
https://chromium.googlesource.com/webm/libvpx
Events
Introduced
49dd8ff38aaf06024cfea9d3e74d33592cc443a2
Fixed
9794f877a3e380ecd57b735b81fe94ab368f6748

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific

introduced_range 
"908e88c1aa6a12a86feb5d36a919c219c42f1e2c:f662898c395f824058c997885c66c2c4c5e6e69c"
source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libvpx/OSV-2026-868.yaml"