A new vulnerability has been discovered in VLC in its latest version. Before a patch is released, it is therefore recommended that new users hold off installing it for now.
A segment of the German government, CERT-Bund, has found a new flaw in VLC, which has been called CVE-2019-13615. This flaw has been identified by NIST (a government agency) as a critical flaw. Using this vulnerability, a buffer overflow can be performed that allows remote code execution and access to the victim’s machine.
Updates on a patch
The version that needs to be fixed is 126.96.36.199, which is the latest update at the time of writing. Note that only Windows and Linux versions are affected. If you have an older version, it’s recommended you hold-off from updating. Currently, the fix is estimated at being 60% completed.