CVE-2026-40962
MEDIUM
NVD
CVSS Score
4.9
Severity
MEDIUM
Published
Apr 16, 2026
Vendor
unknown
Description
FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c.
FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c.