CVE-2026-5236

A vulnerability was identified in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4BitReader::SkipBits of the file Ap4Dac4Atom.cpp of the component DSI v1 Parser. Such manipulation of the argument npresentations leads to heap-based buffer overflow. The attack needs to be performed...

CVE-2026-5236

What is affected: Axiomatic Bento4 up to 1.6.0-641, specifically the DSI v1 Parser’s file Ap4Dac4Atom.cpp. Root cause: the AP4_BitReader::SkipBits function can be manipulated via the n_presentations argument, causing a heap-based buffer overflow. Impact: a local attack with potential heap corrupt...

Bento4 安全漏洞

Bento4 is an open-source C++ library developed by Axiomatic Systems for reading and writing MP4 files. Versions of Bento4 prior to 1.6.0-641 contained security vulnerabilities. These vulnerabilities were caused by incorrect handling of the parameter npresentations in the AP4BitReader::SkipBits...

PT-2026-29406

A vulnerability was identified in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4 BitReader::SkipBits of the file Ap4Dac4Atom.cpp of the component DSI v1 Parser. Such manipulation of the argument n presentations leads to heap-based buffer overflow. The attack needs to be performed...