Handler on Duty: Brad Duncan
Threat Level: green
| Published | 2026-04-16 02:16:12 |
|---|---|
| Last Modified | 2026-04-20 19:54:35 |
| AKA | CVE-2026-40962 |
| Summary | FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c. |
| Access Vector | Local | Adjacent | Network |
|---|---|---|---|
| Access Complexity | Low | Medium | High |
| Authentication | None | Single | Multiple |
| Confidentiality | None | Partial | Complete |
| Integrity | None | Partial | Complete |
| Availability | None | Partial | Complete |