[MEDIUM] AVideo has Pre-Captcha User Enumeration and Account Status Disclosure in Password Recovery Endpoint

PKSA-rmrd-1jny-519s CVE-2026-33688 GHSA-m99f-mmvg-3xmx

Affected package: wwbn/avideo

Affected version: <=26.0

Reported by:
GitHub