Does this count?
https://signal.org/blog/cellebrite-vulnerabilities/
> Given the number of opportunities present, we found that it’s possible to execute arbitrary code on a Cellebrite machine simply by including a specially formatted but otherwise innocuous file in any app on a device that is subsequently plugged into Cellebrite and scanned. There are virtually no limits on the code that can be executed.
But it was a product using a 9 year old ffmpeg build (at the time).
I'd still consider that an academic exercise rather than an exploit that was deployed in the real world (aka against a machine the attacker did not control)
Yeah, that’s just how life is. We used to run with Heartbleed and Spectre turned off.
> Does this count?
If Signal relies on ffmpeg to play videos instead of an externall app, i would say it is broken by design.