[MEDIUM] AVideo: Missing Authorization in Playlist Schedule Creation Allows Cross-User Broadcast Hijacking

PKSA-fw58-yv1p-mjjv CVE-2026-34245 GHSA-2rm7-j397-3fqg

Affected package: wwbn/avideo

Affected version: <=26.0

Reported by:
GitHub