[MEDIUM] AVideo has Video Password Protection Bypass via API Endpoints Returning Full Playback Sources Without Password Verification

PKSA-jgsk-3v13-mp5q CVE-2026-34369 GHSA-q6jj-r49p-94fh

Affected package: wwbn/avideo

Affected version: <=26.0

Reported by:
GitHub