CVE-2026-40962 on CTRL-OS 24.05
Packages: ffmpeg
Status: New
CVE Information
FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c.
Updates
2026-04-23 02:10 CEST
Metadata changes:
- Status for package
ffmpeg: “New”
(Amended on: 2026-04-23 02:14 CEST)