CVE-2026-47114

IINA · IINA Media Player

The IINA media player is affected by a security vulnerability that requires urgent review of installed versions.

Executive summary

The IINA media player is susceptible to a security vulnerability that, given its high CVSS score, poses a significant risk to user systems.

Vulnerability

The vulnerability affects the IINA media player, though specific technical details regarding the attack vector or affected components are currently limited. Users should assume that any software processing external media files may be susceptible to code execution or local privilege escalation if the vulnerability is triggered by a malicious file.

Business impact

A successful exploit could allow an attacker to execute arbitrary code or gain unauthorized access to the host machine. With a CVSS score of 8.8, the potential for high-impact compromise makes this a critical priority for all environments where this software is deployed.

Remediation

Immediate Action: Identify all instances of IINA within the environment and update the application to the latest stable version provided by the vendor.

Proactive Monitoring: Review system logs for unusual process execution or unauthorized file access originating from the IINA application directory.

Compensating Controls: Restrict the application's access to sensitive network resources and ensure that users do not open untrusted media files from unknown sources.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Due to the high CVSS score, this vulnerability should be remediated immediately. Administrators should track the official vendor release notes for specific version requirements and prioritize deployment across all endpoints.