It’s no big deal, just keep it in mind for a little bit.
VLC is a pretty frequently used media player. It doesn’t exactly hurt that it’s free, either. There is, however a security flaw you should take notice of.
A vulnerability in the player’s code allows for Remote Code Execution under certain circumstances. Granted, this is all Greek to me, but the gist I’ve been led to, under layman’s terms, is that the flaw only pertains to the MKV filetype. Which means that it’s really only a worry if you’re the type to yar har fiddle dee dee yourself video files from the internet. In which case, you’ve probably already got a fair amount of security programs running on your rig to stop that.
So, maybe just don’t do anything obviously stupid until that patch is finished. Or do, and make sure to post the video of the results to the internet.
Source: Gizmodo (the comments section specifically)