A vulnerability classified as critical was found in Axiomatic Bento4 up to 1.6.0-641. It affects the function AP4_BitReader::SkipBits in the file Ap4Dac4Atom.cpp of the DSI v1 Parser component. Manipulating the argument n_presentations leads to a heap-based buffer overflow.

This vulnerability is documented as CVE-2026-5236. The attack needs to be performed locally. Additionally, an exploit exists.

The project was informed of the problem early through an issue report but has not responded yet.
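
The affected code is not shown here. As an added example (not Bento4 code and not a patch for it), the sketch below shows the defensive pattern for this class of bug: a bit reader whose reads and skips are checked against the bits remaining, used by a parser loop driven by an untrusted presentation count. `CheckedBitReader`, `ParsePresentations` and the byte layout are hypothetical and do not reproduce the real DSI v1 syntax.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Hypothetical bounds-checked bit reader (not Bento4's AP4_BitReader).
class CheckedBitReader {
public:
    CheckedBitReader(const uint8_t* data, size_t size)
        : data_(data), bit_size_(size * 8), pos_(0) {}

    size_t BitsLeft() const { return bit_size_ - pos_; }

    // Read up to 32 bits, MSB first; fails instead of reading past the end.
    bool ReadBits(unsigned n, uint32_t& out) {
        if (n > 32 || n > BitsLeft()) return false;
        out = 0;
        for (unsigned i = 0; i < n; ++i, ++pos_)
            out = (out << 1) | ((data_[pos_ >> 3] >> (7 - (pos_ & 7))) & 1u);
        return true;
    }

    // Skip n bits; the cursor never moves beyond the buffer.
    bool SkipBits(size_t n) {
        if (n > BitsLeft()) return false;
        pos_ += n;
        return true;
    }

private:
    const uint8_t* data_;
    size_t bit_size_;  // total bits in the buffer
    size_t pos_;       // current bit offset
};

// Constructed toy layout (an assumption, not the real DSI v1 syntax):
// 8-bit n_presentations, then per presentation an 8-bit length and that
// many payload bytes. Returns the count parsed, or -1 on truncated input.
int ParsePresentations(const std::vector<uint8_t>& buf) {
    CheckedBitReader r(buf.data(), buf.size());
    uint32_t n_presentations = 0;
    if (!r.ReadBits(8, n_presentations)) return -1;
    // Reject counts the remaining data cannot hold (1 length byte each).
    if (n_presentations > r.BitsLeft() / 8) return -1;
    for (uint32_t i = 0; i < n_presentations; ++i) {
        uint32_t len = 0;
        if (!r.ReadBits(8, len)) return -1;
        if (!r.SkipBits(static_cast<size_t>(len) * 8)) return -1;
    }
    return static_cast<int>(n_presentations);
}
```

The count check rejects an oversized `n_presentations` before the loop starts, and the checked `SkipBits` catches a per-entry length that would carry the cursor past the allocation.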