As a part of our ongoing efforts in vulnerability analysis at QCRI, we discovered a new Out-of-bounds read vulnerability in the MMS component of VLC Media Player (CVE-2025-51602). The vulnerability was fixed by VideoLan in VLC v3.0.22.

Security Advisory: https://images.videolan.org/security/sb-vlc3022.html