Report: Essential Guide: CVE-2026-32739 - libheif is Vulnerable to Infinite Loop DoS via stts Sample Duration Lookup
CVE ID: CVE-2026-32739

Published: May 19, 2026, 7:10 p.m.

Description: libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 800-byte HEIF sequence file causes an infinite loop in Box_stts::get_sample_duration(), consuming 100% CPU indefinitely with zero progress, leading to DoS. The loop has no iteration limit or timeout and is triggered during file open (parsing) - before any user interaction or image decoding. The process stays alive (no crash, no error logged), making it invisible to crash-based monitoring. This issue has been fixed in version 1.22.0.

Severity: 0.0 | NA
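
Because the hung process neither crashes nor logs an error, a service that parses untrusted HEIF files needs its own resource budget to notice the hang. The sketch below is an added example, not code from libheif or from this report: it runs any parser command in a child process under a CPU-time limit and a wall-clock timeout, so a busy loop ends as a classified failure. The helper name `run_parser`, the budget values and the choice of parser command are assumptions; it relies on POSIX resource limits.

```python
import resource
import signal
import subprocess
import sys

CPU_BUDGET_S = 2    # assumed CPU-time budget per file, in seconds
WALL_BUDGET_S = 10  # assumed wall-clock budget per file, in seconds


def run_parser(cmd, cpu_s=CPU_BUDGET_S, wall_s=WALL_BUDGET_S):
    """Run a parser command in a child process under resource budgets.

    Returns "ok", "error", "cpu-limit" or "timeout". (Hypothetical helper.)
    """
    def limit_cpu():
        # Runs in the child before exec: the kernel sends SIGXCPU at the
        # soft limit and SIGKILL at the hard limit.
        resource.setrlimit(resource.RLIMIT_CPU, (cpu_s, cpu_s + 1))

    try:
        proc = subprocess.run(cmd, preexec_fn=limit_cpu,
                              stdin=subprocess.DEVNULL,
                              stdout=subprocess.DEVNULL,
                              stderr=subprocess.DEVNULL,
                              timeout=wall_s)
    except subprocess.TimeoutExpired:
        # The child was blocked without burning CPU; run() already killed it.
        return "timeout"
    if -proc.returncode in (signal.SIGXCPU, signal.SIGKILL):
        # A busy loop with zero progress ends here instead of spinning forever.
        return "cpu-limit"
    return "ok" if proc.returncode == 0 else "error"


if __name__ == "__main__":
    # Usage: python guard.py <parser command> <file>
    if len(sys.argv) < 2:
        sys.exit("usage: guard.py <parser command> <file>")
    verdict = run_parser(sys.argv[1:])
    print(verdict)
    sys.exit(0 if verdict == "ok" else 1)
```

A "cpu-limit" or "timeout" verdict is the event to alert on, since the affected versions produce no crash or log entry of their own.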