GHSA-2ccx-cjjh-r2j8: MediaMTX affected by CVE-2026-27143 due to vulnerable dependency

May 6, 2026

Release 1.17.1 seems affected by CVE-2026-27143. golang 1.25.9 Seems to solve the issue. Is there any new release planned?

References

github.com/advisories/GHSA-2ccx-cjjh-r2j8
github.com/bluenviron/mediamtx
github.com/bluenviron/mediamtx/releases/tag/v1.18.0
github.com/bluenviron/mediamtx/security/advisories/GHSA-2ccx-cjjh-r2j8
nvd.nist.gov/vuln/detail/CVE-2026-27143

Code Behaviors & Features

Detect and mitigate GHSA-2ccx-cjjh-r2j8 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →