Critical Flaws in GStreamer, CUPS, WolfSSL, Linux Kernel

Several dangerous vulnerabilities have been identified in recent days, most of which can be exploited remotely.

The corrective release 1.28.2 of the multimedia framework GStreamer fixes 11 vulnerabilities. Three of them are caused by buffer overflows and can potentially lead to code execution when processing specially crafted multimedia containers such as MKV (CVE not assigned) and MOV/MP4 (CVE-2026-5056), as well as streams in the H.266/VVC format (CVE not assigned). The remaining 8 vulnerabilities are caused by integer overflows or NULL pointer dereferences and can lead to denial of service or information leakage when processing data in various formats. GStreamer is used in GNOME to parse metadata when automatically indexing new files, which means an attack can be triggered simply by downloading a file into the indexed directory ~/Downloads.

In the print server CUPS, 8 vulnerabilities were identified. Two of them (CVE-2026-34980, CVE-2026-34990) can be exploited to achieve remote code execution with root privileges by sending a specially crafted request to the print server. The first vulnerability allows an unauthenticated attacker to execute code as the lp user, while the second enables privilege escalation from the lp user to root by manipulating files with root privileges through the substitution of a dummy printer. A CUPS update

/Reports, release notes, official announcements.