CVE-2026-47114
IINA · IINA Media Player
The IINA media player is affected by a security vulnerability that requires urgent review of installed versions.
Executive summary
The IINA media player is susceptible to a security vulnerability that, given its high CVSS score, poses a significant risk to user systems.
Vulnerability
The vulnerability affects the IINA media player, though specific technical details regarding the attack vector or affected components are currently limited. Users should assume that any software processing external media files may be susceptible to code execution or local privilege escalation if the vulnerability is triggered by a malicious file.
Business impact
A successful exploit could allow an attacker to execute arbitrary code or gain unauthorized access to the host machine. With a CVSS score of 8.8, the potential for high-impact compromise makes this a critical priority for all environments where this software is deployed.
Remediation
Immediate Action: Identify all instances of IINA within the environment and update the application to the latest stable version provided by the vendor.
Proactive Monitoring: Review system logs for unusual process execution or unauthorized file access originating from the IINA application directory.
Compensating Controls: Restrict the application's access to sensitive network resources and ensure that users do not open untrusted media files from unknown sources.
Exploitation status
Public Exploit Available: false
Analyst recommendation
Due to the high CVSS score, this vulnerability should be remediated immediately. Administrators should track the official vendor release notes for specific version requirements and prioritize deployment across all endpoints.