NVD HIGH: CVE-2026-41071 — libheif
libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a crafted HEIF sequence file where the saiz box declares more samples than actually exist in the track's chunk table causes a heap-buffer-overflow (out-of-bounds read) in the SampleAuxInfoReader constructor. The SampleAuxInfoReader constructor iterates over saiz->get_num_samples() samples but doesn't validate
CVE-2026-41071