[HIGH] AVideo has an Unauthenticated Blind SQL Injection in RTMP on_publish Callback via Stream Name Parameter

PKSA-v7r8-5fwd-x92z CVE-2026-33485 GHSA-8p58-35c3-ccxx

Affected package: wwbn/avideo

Affected version: <=26.0

Reported by:
GitHub