[HIGH] AzuraCast: RCE via Liquidsoap string interpolation injection in station metadata and playlist URLs

PKSA-p9gy-8v98-hsfy GHSA-93fx-5qgc-wr38

Affected version: <=0.23.3

Reported by:
GitHub

[LOW] AzuraCast Vulnerable to Pre-Auth File Deletion & Admin RCE

PKSA-9fw1-5251-nmm8 CVE-2025-67737 GHSA-9449-rphm-mjqr

Affected version: <=0.23.1

Reported by:
GitHub