CVE Catalog

CVE-2026-36910

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.16%

5th percentile — higher than 5% of all known CVEs

Summary

An access violation in the BaseSplitterFile::Read function of MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.

Risk Assessment

An attacker can remotely crash the application, disrupting its availability and potentially affecting users who rely on the player for multimedia processing.

Recommendation

Immediately update MPC-BE to a version containing commit 4341cb3 or later to mitigate the DoS vulnerability from malicious MP4 files.

Original NVD description (English source)

An access violation in the BaseSplitterFile::Read function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS