CVE-2025-1594 | FFmpeg up to 7.1 AAC Encoder libavcodec/aacenc_tns.c ff_aac_search_for_tns stack-based overflow (Nessus ID 265685 / WID-SEC-2025-0429)
A vulnerability described as critical has been identified in FFmpeg up to 7.1. The affected element is the function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c of the component AAC Encoder. Such manipulation leads to stack-based buffer overflow.
This vulnerability is listed as CVE-2025-1594. The attack may be performed from remote. In addition, an exploit is available.