CRITICAL 9.8
GHSA-2jqp-f4gr-44fr
Remotion: remote code execution (RCE) vulnerability
Details
remotion-dev remotion v4.0.409 was discovered to contain a remote code execution (RCE) vulnerability.
Are you affected?
Enter the version of the package you're using.
Affected packages
References
- https://nvd.nist.gov/vuln/detail/CVE-2026-30120 [ADVISORY]
- https://github.com/remotion-dev/remotion/pull/6378 [WEB]
- https://github.com/EaEa0001/security-advisories/blob/main/CVE-2026-30120.md [WEB]
- https://github.com/remotion-dev/remotion [PACKAGE]
- https://github.com/remotion-dev/remotion/releases/tag/v4.0.410 [WEB]