RC RANDOM CHAOS

ffmpeg

1 post

CVE-2026-31840 blames the encoder, corrupts the decoder heap
Article

CVE-2026-31840 blames the encoder, corrupts the decoder heap

CVE-2026-31840: FFmpeg's AAC path carries a heap out-of-bounds write and UAF. The bug is in the decoder, not the encoder - mechanism, exploitation surface, and telemetry.