CVE-2026-5236

A vulnerability was identified in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4BitReader::SkipBits of the file Ap4Dac4Atom.cpp of the component DSI v1 Parser. Such manipulation of the argument npresentations leads to heap-based buffer overflow. The attack needs to be performed...

CVE-2026-5235

A vulnerability was determined in Axiomatic Bento4 up to 1.6.0-641. This impacts the function AP4BitReader::ReadCache of the file Ap4Dac4Atom.cpp of the component MP4 File Parser. This manipulation causes heap-based buffer overflow. The attack needs to be launched locally. The exploit has been...

EUVD-2026-17725

A vulnerability was determined in Axiomatic Bento4 up to 1.6.0-641. This impacts the function AP4BitReader::ReadCache of the file Ap4Dac4Atom.cpp of the component MP4 File Parser. This manipulation causes heap-based buffer overflow. The attack needs to be launched locally. The exploit has been...

EUVD-2026-17729

A vulnerability was identified in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4BitReader::SkipBits of the file Ap4Dac4Atom.cpp of the component DSI v1 Parser. Such manipulation of the argument npresentations leads to heap-based buffer overflow. The attack needs to be performed...

CVE-2026-5235

A vulnerability was determined in Axiomatic Bento4 up to 1.6.0-641. This impacts the function AP4BitReader::ReadCache of the file Ap4Dac4Atom.cpp of the component MP4 File Parser. This manipulation causes heap-based buffer overflow. The attack needs to be launched locally. The exploit has been...

CVE-2026-5236 Axiomatic Bento4 DSI v1 Ap4Dac4Atom.cpp SkipBits heap-based overflow

A vulnerability was identified in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4BitReader::SkipBits of the file Ap4Dac4Atom.cpp of the component DSI v1 Parser. Such manipulation of the argument npresentations leads to heap-based buffer overflow. The attack needs to be performed...

CVE-2026-5236

A vulnerability was identified in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4BitReader::SkipBits of the file Ap4Dac4Atom.cpp of the component DSI v1 Parser. Such manipulation of the argument npresentations leads to heap-based buffer overflow. The attack needs to be performed...

CVE-2026-5236

What is affected: Axiomatic Bento4 up to 1.6.0-641, specifically the DSI v1 Parser’s file Ap4Dac4Atom.cpp. Root cause: the AP4_BitReader::SkipBits function can be manipulated via the n_presentations argument, causing a heap-based buffer overflow. Impact: a local attack with potential heap corrupt...

CVE-2026-5236 Axiomatic Bento4 DSI v1 Ap4Dac4Atom.cpp SkipBits heap-based overflow

A vulnerability was identified in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4BitReader::SkipBits of the file Ap4Dac4Atom.cpp of the component DSI v1 Parser. Such manipulation of the argument npresentations leads to heap-based buffer overflow. The attack needs to be performed...

CVE-2026-5235

The vulnerability CVE-2026-5235 affects Axiomatic Bento4 (up to version 1.6.0-641). It targets MP4 File Parser, specifically AP4_BitReader::ReadCache in Ap4Dac4Atom.cpp, causing a heap-based buffer overflow. Exploitation is local and the exploit has been publicly disclosed. Details on affected pr...

CVE-2026-5235

A vulnerability was determined in Axiomatic Bento4 up to 1.6.0-641. This impacts the function AP4BitReader::ReadCache of the file Ap4Dac4Atom.cpp of the component MP4 File Parser. This manipulation causes heap-based buffer overflow. The attack needs to be launched locally. The exploit has been...

CVE-2026-5235 Axiomatic Bento4 MP4 File Ap4Dac4Atom.cpp ReadCache heap-based overflow

A vulnerability was determined in Axiomatic Bento4 up to 1.6.0-641. This impacts the function AP4BitReader::ReadCache of the file Ap4Dac4Atom.cpp of the component MP4 File Parser. This manipulation causes heap-based buffer overflow. The attack needs to be launched locally. The exploit has been...

Bento4 安全漏洞

Bento4 is an open-source C++ library developed by Axiomatic Systems, designed for reading and writing MP4 files. Versions of Bento4 prior to 1.6.0-641 contained security vulnerabilities. These vulnerabilities stemmed from a heap buffer overflow issue in the AP4BitReader::ReadCache function of the...

Bento4 安全漏洞

Bento4 is an open-source C++ library developed by Axiomatic Systems for reading and writing MP4 files. Versions of Bento4 prior to 1.6.0-641 contained security vulnerabilities. These vulnerabilities were caused by incorrect handling of the parameter npresentations in the AP4BitReader::SkipBits...

PT-2026-29402

A vulnerability was determined in Axiomatic Bento4 up to 1.6.0-641. This impacts the function AP4 BitReader::ReadCache of the file Ap4Dac4Atom.cpp of the component MP4 File Parser. This manipulation causes heap-based buffer overflow. The attack needs to be launched locally. The exploit has been...

PT-2026-29406

A vulnerability was identified in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4 BitReader::SkipBits of the file Ap4Dac4Atom.cpp of the component DSI v1 Parser. Such manipulation of the argument n presentations leads to heap-based buffer overflow. The attack needs to be performed...

CVE-2023-29575

Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp42aac component...

CVE-2023-29573

Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp4info component...

CVE-2023-29574

Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp42avc component...

CVE-2018-10790

The AP4CttsAtom class in Core/Ap4CttsAtom.cpp in Bento4 1.5.1.0 allows remote attackers to cause a denial of service application crash, related to a memory allocation failure, as demonstrated by mp2aac...