Vulnerability in Wwbn Avideo

CVE-2026-33867

WWBN AVideo is an open source video platform. In versions up to and including 26.0, AVideo allows content owners to password-protect individual videos. The video password is stored in the database in plaintext — no hashing, salting, or enc…

EPSS: 0.000 (1.9th percentile) — read the EPSS interpretation.

Affected products

Wwbn Avideo — versions <= 26.0

Weakness classification (CWE)

CWE-312 — Cleartext Storage of Sensitive Information

References

https://github.com/WWBN/AVideo/security/advisories/GHSA-363v-5rh8-23wg (x_refsource_CONFIRM)
https://github.com/WWBN/AVideo/commit/f2d68d2adbf73588ea61be2b781d93120a819e36 (x_refsource_MISC)