wwbn security advisories
3 threat alerts tracking vulnerabilities and security advisories that affect wwbn products.
Vulnios monitors wwbn CVE feeds, vendor advisories, CISA KEV listings, and exploit-prediction data continuously. Each alert below is enriched with severity, exploitation status, affected products, and a remediation path. Use this page to scan recent wwbn security news in one place, or click into an individual alert for full detail.
Critical Vulnerability: CVE-2026-41304 — wwbn — avideo
WWBN AVideo is an open source video platform. In versions 29.0 and below, the `cloneServer.json.php` endpoint in the CloneSite plugin constructs shell commands using user-controlled input (`url` param
criticalCVE-2026-41304Critical Vulnerability: CVE-2026-40911 — wwbn — avideo
WWBN AVideo is an open source video platform. In versions 29.0 and prior, the YPTSocket plugin's WebSocket server relays attacker-supplied JSON message bodies to every connected client without sanitiz
criticalCVE-2026-40911Critical Vulnerability: CVE-2026-41064 — wwbn — avideo
WWBN AVideo is an open source video platform. In versions up to and including 29.0, an incomplete fix for AVideo's `test.php` adds `escapeshellarg` for wget but leaves the `file_get_contents` and `cur
criticalCVE-2026-41064
Track wwbn exposure across your environment
Vulnios automatically cross-references your asset inventory against new wwbn CVEs and surfaces only what affects you. No more sifting manually — actionable findings only.
Start a free scan