CVE-2026-40962: FFmpeg: FFmpeg: Integer overflow and out-of-bounds write via CENC subsample data

Severity: Critical

CVSS Score: 9.8

FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c.