[CRITICAL] AVideo Multi-Chain Attack: Unauthenticated Remote Code Execution via Clone Key Disclosure, Database Dump, and Command Injection

PKSA-f178-s5q3-rpz6 CVE-2026-33478 GHSA-687q-32c6-8x68

Affected package: wwbn/avideo

Affected version: <=26.0

Reported by:
GitHub