A stack overflow in the AP4_Array<AP4_TrunAtom::Entry>::EnsureCapacity component of axiomatic-systems Bento4 before v1.8.9allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/36xxx/CVE-2026-36908.json",
"cna_assigner": "mitre"
}