CVE-2026-40962
EUVD-2026-2315316.04.2026, 02:16
FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| ffmpeg | ffmpeg | 𝑥 < 8.1 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ffmpeg |
| ||||||||||||||
| libav |
|
openSUSE / SLES Releases
openSUSE Product | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| libavcodec58_134 |
| ||||||||||
| libavformat58_76 |
| ||||||||||
| libavutil56_70 |
| ||||||||||
| libpostproc55_9 |
| ||||||||||
| libswresample3_9 |
| ||||||||||
| libswscale5_9 |
|