CVE Catalog
CVE-2026-36910
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk0.16%
5th percentile — higher than 5% of all known CVEs
Summary
An access violation in the BaseSplitterFile::Read function of MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
Risk Assessment
An attacker can remotely crash the application, disrupting its availability and potentially affecting users who rely on the player for multimedia processing.
Recommendation
Immediately update MPC-BE to a version containing commit 4341cb3 or later to mitigate the DoS vulnerability from malicious MP4 files.
Original NVD description (English source)
An access violation in the BaseSplitterFile::Read function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.

