Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/wwbn/avideo@21.0.0
Typecomposer
Namespacewwbn
Nameavideo
Version21.0.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-5cpq-6d2b-xkdv
vulnerability_id VCID-5cpq-6d2b-xkdv
summary WWBN AVideo is an open source video platform. Prior to version 24.0, the official docker-compose.yml publishes the memcached service on host port 11211 (0.0.0.0:11211) with no authentication, while the Dockerfile configures PHP to store all user sessions in that memcached instance. An attacker who can reach port 11211 can read, modify, or flush session data — enabling session hijacking, admin impersonation, and mass session destruction without any application-level authentication. This issue has been patched in version 24.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-29093
reference_id
reference_type
scores
0
value 0.00044
scoring_system epss
scoring_elements 0.14096
published_at 2026-06-12T12:55:00Z
1
value 0.00044
scoring_system epss
scoring_elements 0.13974
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-29093
1
reference_url https://github.com/WWBN/AVideo/releases/tag/24.0
reference_id 24.0
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-06T15:58:30Z/
url https://github.com/WWBN/AVideo/releases/tag/24.0
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-29093
reference_id CVE-2026-29093
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-29093
3
reference_url https://github.com/advisories/GHSA-xxpw-32hf-q8v9
reference_id GHSA-xxpw-32hf-q8v9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xxpw-32hf-q8v9
4
reference_url https://github.com/WWBN/AVideo/security/advisories/GHSA-xxpw-32hf-q8v9
reference_id GHSA-xxpw-32hf-q8v9
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-06T15:58:30Z/
url https://github.com/WWBN/AVideo/security/advisories/GHSA-xxpw-32hf-q8v9
fixed_packages
0
url pkg:composer/wwbn/avideo@22.0
purl pkg:composer/wwbn/avideo@22.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1gxg-fdaa-tygg
1
vulnerability VCID-1mmh-vt31-kbbb
2
vulnerability VCID-1qcx-tqcr-kbhy
3
vulnerability VCID-1sx8-5eer-97aq
4
vulnerability VCID-1uab-dgtz-hqcm
5
vulnerability VCID-1ubr-3dt8-p3e4
6
vulnerability VCID-24w8-qw1k-m3ev
7
vulnerability VCID-2a5z-m2yv-13au
8
vulnerability VCID-2ny7-udfn-qqdw
9
vulnerability VCID-2qn5-shar-r7fb
10
vulnerability VCID-3jdq-k9t3-ekc5
11
vulnerability VCID-44jq-pmnk-q7e3
12
vulnerability VCID-48c5-cxqf-7yar
13
vulnerability VCID-4a4v-b69w-xbdt
14
vulnerability VCID-4ag1-ypp7-3ygs
15
vulnerability VCID-4sua-ynnm-3qhm
16
vulnerability VCID-4y4j-99kg-eybw
17
vulnerability VCID-4zu3-f1vr-kygk
18
vulnerability VCID-6t1w-33wc-r7gu
19
vulnerability VCID-72qa-csxh-5ubs
20
vulnerability VCID-77m3-thwg-pkex
21
vulnerability VCID-7an2-kvub-wbdc
22
vulnerability VCID-7kkx-jynh-q3cd
23
vulnerability VCID-83j9-2b59-nff2
24
vulnerability VCID-88hg-8udu-ebd4
25
vulnerability VCID-8b22-g4th-cba2
26
vulnerability VCID-8gf9-8z1j-hbcn
27
vulnerability VCID-8y3y-7nys-63cb
28
vulnerability VCID-8y9d-2wpy-pqfj
29
vulnerability VCID-8z3w-xyuw-eydt
30
vulnerability VCID-8zdd-12d9-mkdt
31
vulnerability VCID-926w-fk1u-vfct
32
vulnerability VCID-92s2-qetk-bucr
33
vulnerability VCID-9kxm-dc2y-63dm
34
vulnerability VCID-a5a6-qmzf-gbcz
35
vulnerability VCID-abdr-zm3m-pfa2
36
vulnerability VCID-az4q-s63g-d7ds
37
vulnerability VCID-azqu-ezb2-pyd8
38
vulnerability VCID-bcrg-a29u-cqdt
39
vulnerability VCID-bu5v-zyym-j7gh
40
vulnerability VCID-bz89-e7ng-tbaa
41
vulnerability VCID-c654-1erv-h7c8
42
vulnerability VCID-c8uz-mfg4-5qhc
43
vulnerability VCID-cafa-py93-5yea
44
vulnerability VCID-cea3-yyc7-duef
45
vulnerability VCID-ck51-5j7d-27bx
46
vulnerability VCID-cmsu-gm2f-xbdc
47
vulnerability VCID-cps6-m7k1-73ac
48
vulnerability VCID-cxqg-yhat-8ff3
49
vulnerability VCID-d3ad-s4dr-nydz
50
vulnerability VCID-dgq8-x6f4-1khy
51
vulnerability VCID-dsjq-6q73-73bm
52
vulnerability VCID-du2m-rmty-wkgs
53
vulnerability VCID-e6ub-tmcu-vqcn
54
vulnerability VCID-e8x6-xu14-uuaf
55
vulnerability VCID-ejz4-zxyp-4qbf
56
vulnerability VCID-em2c-wz4r-effx
57
vulnerability VCID-enrr-p3bb-5qgs
58
vulnerability VCID-f6db-4ua5-uqcx
59
vulnerability VCID-fkgn-tmte-nqa3
60
vulnerability VCID-g3j5-kv46-9ydx
61
vulnerability VCID-g4k9-hsbh-g7f9
62
vulnerability VCID-g4r8-kvwz-jyct
63
vulnerability VCID-gdvd-yzgn-efgk
64
vulnerability VCID-gzsg-72e2-q3gv
65
vulnerability VCID-hh4v-wfju-ayc6
66
vulnerability VCID-j1dv-68kj-1qb9
67
vulnerability VCID-j4js-8jyt-pbec
68
vulnerability VCID-jbba-q6ga-g3hs
69
vulnerability VCID-jbkf-m3xe-tqa2
70
vulnerability VCID-js47-rw1w-eudm
71
vulnerability VCID-k42k-auyh-4yce
72
vulnerability VCID-kbk6-xmz6-gkhk
73
vulnerability VCID-kmas-k2bp-5ybw
74
vulnerability VCID-kpmf-anhv-rybp
75
vulnerability VCID-m31s-e72s-pkgm
76
vulnerability VCID-m7r7-sda9-17et
77
vulnerability VCID-mez8-49wu-cyee
78
vulnerability VCID-mgwj-kzz5-6fbb
79
vulnerability VCID-mkq2-6efr-p3gs
80
vulnerability VCID-mrzq-ssp8-xbba
81
vulnerability VCID-nmhb-cp3q-wqd3
82
vulnerability VCID-nmts-t2t9-v7dx
83
vulnerability VCID-p1nt-1p6r-bqd7
84
vulnerability VCID-pam6-fens-pya2
85
vulnerability VCID-ppsd-gq8m-nqde
86
vulnerability VCID-qpnv-m8hy-hkcv
87
vulnerability VCID-qxzn-79e5-akgq
88
vulnerability VCID-rrtd-fcbr-zbcj
89
vulnerability VCID-s29b-sb6b-3bbe
90
vulnerability VCID-sh26-67hw-rbhp
91
vulnerability VCID-sh8g-92zt-17gp
92
vulnerability VCID-sq4d-x8fk-4ugy
93
vulnerability VCID-sqyg-vnng-yqab
94
vulnerability VCID-teva-kx8a-ffdk
95
vulnerability VCID-tjkb-bmeg-67dc
96
vulnerability VCID-tk1p-zzv1-h3en
97
vulnerability VCID-tm48-ttzz-fbd3
98
vulnerability VCID-ttqk-knnt-gyfd
99
vulnerability VCID-u589-8g4c-nud2
100
vulnerability VCID-ueb9-bcsn-dkep
101
vulnerability VCID-va5e-y5cp-nbhc
102
vulnerability VCID-vhea-b7uf-7ye6
103
vulnerability VCID-vrg4-4g58-8fg8
104
vulnerability VCID-vs1z-e52e-xugy
105
vulnerability VCID-vs6z-zgcf-ffb7
106
vulnerability VCID-w4ky-scpt-mkf4
107
vulnerability VCID-w7pj-efhx-r3d3
108
vulnerability VCID-wfuc-qz2z-wbh9
109
vulnerability VCID-wt13-k7hv-9be6
110
vulnerability VCID-wybg-a5q1-hkgv
111
vulnerability VCID-wysq-vy3r-qkbw
112
vulnerability VCID-x79z-g8re-vyey
113
vulnerability VCID-xhs6-cfzj-w7c6
114
vulnerability VCID-y7g3-dk1p-s3aq
115
vulnerability VCID-ybae-jsp4-3qhz
116
vulnerability VCID-yhc1-d5ug-y3b2
117
vulnerability VCID-ywr4-5ybx-b3d4
118
vulnerability VCID-yyf4-tsdh-wfdn
119
vulnerability VCID-z8t4-ckvj-83dh
120
vulnerability VCID-z9ga-c78y-v3bq
121
vulnerability VCID-zau7-46nj-zkdz
122
vulnerability VCID-zu5x-18yv-bbb2
123
vulnerability VCID-zxzw-et7f-ybhx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/wwbn/avideo@22.0
aliases CVE-2026-29093, GHSA-xxpw-32hf-q8v9
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5cpq-6d2b-xkdv
1
url VCID-6w9m-5apg-zfc1
vulnerability_id VCID-6w9m-5apg-zfc1
summary WWBN AVideo is an open source video platform. Prior to version 22.0, the `aVideoEncoder.json.php` API endpoint accepts a `downloadURL` parameter and fetches the referenced resource server-side without proper validation or an allow-list. This allows authenticated users to trigger server-side requests to arbitrary URLs (including internal network endpoints). An authenticated attacker can leverage SSRF to interact with internal services and retrieve sensitive data (e.g., internal APIs, metadata services), potentially leading to further compromise depending on the deployment environment. This issue has been fixed in AVideo version 22.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-27732
reference_id
reference_type
scores
0
value 0.00042
scoring_system epss
scoring_elements 0.13294
published_at 2026-06-12T12:55:00Z
1
value 0.00042
scoring_system epss
scoring_elements 0.13194
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-27732
1
reference_url https://github.com/WWBN/AVideo/releases/tag/22.0
reference_id 22.0
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-27T20:49:30Z/
url https://github.com/WWBN/AVideo/releases/tag/22.0
2
reference_url https://github.com/WWBN/AVideo/commit/384ef2548093f4cbb1bfac00f1f429fe57fab853
reference_id 384ef2548093f4cbb1bfac00f1f429fe57fab853
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-27T20:49:30Z/
url https://github.com/WWBN/AVideo/commit/384ef2548093f4cbb1bfac00f1f429fe57fab853
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-27732
reference_id CVE-2026-27732
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-27732
4
reference_url https://github.com/advisories/GHSA-h39h-7cvg-q7j6
reference_id GHSA-h39h-7cvg-q7j6
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h39h-7cvg-q7j6
5
reference_url https://github.com/WWBN/AVideo/security/advisories/GHSA-h39h-7cvg-q7j6
reference_id GHSA-h39h-7cvg-q7j6
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-27T20:49:30Z/
url https://github.com/WWBN/AVideo/security/advisories/GHSA-h39h-7cvg-q7j6
fixed_packages
0
url pkg:composer/wwbn/avideo@22.0
purl pkg:composer/wwbn/avideo@22.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1gxg-fdaa-tygg
1
vulnerability VCID-1mmh-vt31-kbbb
2
vulnerability VCID-1qcx-tqcr-kbhy
3
vulnerability VCID-1sx8-5eer-97aq
4
vulnerability VCID-1uab-dgtz-hqcm
5
vulnerability VCID-1ubr-3dt8-p3e4
6
vulnerability VCID-24w8-qw1k-m3ev
7
vulnerability VCID-2a5z-m2yv-13au
8
vulnerability VCID-2ny7-udfn-qqdw
9
vulnerability VCID-2qn5-shar-r7fb
10
vulnerability VCID-3jdq-k9t3-ekc5
11
vulnerability VCID-44jq-pmnk-q7e3
12
vulnerability VCID-48c5-cxqf-7yar
13
vulnerability VCID-4a4v-b69w-xbdt
14
vulnerability VCID-4ag1-ypp7-3ygs
15
vulnerability VCID-4sua-ynnm-3qhm
16
vulnerability VCID-4y4j-99kg-eybw
17
vulnerability VCID-4zu3-f1vr-kygk
18
vulnerability VCID-6t1w-33wc-r7gu
19
vulnerability VCID-72qa-csxh-5ubs
20
vulnerability VCID-77m3-thwg-pkex
21
vulnerability VCID-7an2-kvub-wbdc
22
vulnerability VCID-7kkx-jynh-q3cd
23
vulnerability VCID-83j9-2b59-nff2
24
vulnerability VCID-88hg-8udu-ebd4
25
vulnerability VCID-8b22-g4th-cba2
26
vulnerability VCID-8gf9-8z1j-hbcn
27
vulnerability VCID-8y3y-7nys-63cb
28
vulnerability VCID-8y9d-2wpy-pqfj
29
vulnerability VCID-8z3w-xyuw-eydt
30
vulnerability VCID-8zdd-12d9-mkdt
31
vulnerability VCID-926w-fk1u-vfct
32
vulnerability VCID-92s2-qetk-bucr
33
vulnerability VCID-9kxm-dc2y-63dm
34
vulnerability VCID-a5a6-qmzf-gbcz
35
vulnerability VCID-abdr-zm3m-pfa2
36
vulnerability VCID-az4q-s63g-d7ds
37
vulnerability VCID-azqu-ezb2-pyd8
38
vulnerability VCID-bcrg-a29u-cqdt
39
vulnerability VCID-bu5v-zyym-j7gh
40
vulnerability VCID-bz89-e7ng-tbaa
41
vulnerability VCID-c654-1erv-h7c8
42
vulnerability VCID-c8uz-mfg4-5qhc
43
vulnerability VCID-cafa-py93-5yea
44
vulnerability VCID-cea3-yyc7-duef
45
vulnerability VCID-ck51-5j7d-27bx
46
vulnerability VCID-cmsu-gm2f-xbdc
47
vulnerability VCID-cps6-m7k1-73ac
48
vulnerability VCID-cxqg-yhat-8ff3
49
vulnerability VCID-d3ad-s4dr-nydz
50
vulnerability VCID-dgq8-x6f4-1khy
51
vulnerability VCID-dsjq-6q73-73bm
52
vulnerability VCID-du2m-rmty-wkgs
53
vulnerability VCID-e6ub-tmcu-vqcn
54
vulnerability VCID-e8x6-xu14-uuaf
55
vulnerability VCID-ejz4-zxyp-4qbf
56
vulnerability VCID-em2c-wz4r-effx
57
vulnerability VCID-enrr-p3bb-5qgs
58
vulnerability VCID-f6db-4ua5-uqcx
59
vulnerability VCID-fkgn-tmte-nqa3
60
vulnerability VCID-g3j5-kv46-9ydx
61
vulnerability VCID-g4k9-hsbh-g7f9
62
vulnerability VCID-g4r8-kvwz-jyct
63
vulnerability VCID-gdvd-yzgn-efgk
64
vulnerability VCID-gzsg-72e2-q3gv
65
vulnerability VCID-hh4v-wfju-ayc6
66
vulnerability VCID-j1dv-68kj-1qb9
67
vulnerability VCID-j4js-8jyt-pbec
68
vulnerability VCID-jbba-q6ga-g3hs
69
vulnerability VCID-jbkf-m3xe-tqa2
70
vulnerability VCID-js47-rw1w-eudm
71
vulnerability VCID-k42k-auyh-4yce
72
vulnerability VCID-kbk6-xmz6-gkhk
73
vulnerability VCID-kmas-k2bp-5ybw
74
vulnerability VCID-kpmf-anhv-rybp
75
vulnerability VCID-m31s-e72s-pkgm
76
vulnerability VCID-m7r7-sda9-17et
77
vulnerability VCID-mez8-49wu-cyee
78
vulnerability VCID-mgwj-kzz5-6fbb
79
vulnerability VCID-mkq2-6efr-p3gs
80
vulnerability VCID-mrzq-ssp8-xbba
81
vulnerability VCID-nmhb-cp3q-wqd3
82
vulnerability VCID-nmts-t2t9-v7dx
83
vulnerability VCID-p1nt-1p6r-bqd7
84
vulnerability VCID-pam6-fens-pya2
85
vulnerability VCID-ppsd-gq8m-nqde
86
vulnerability VCID-qpnv-m8hy-hkcv
87
vulnerability VCID-qxzn-79e5-akgq
88
vulnerability VCID-rrtd-fcbr-zbcj
89
vulnerability VCID-s29b-sb6b-3bbe
90
vulnerability VCID-sh26-67hw-rbhp
91
vulnerability VCID-sh8g-92zt-17gp
92
vulnerability VCID-sq4d-x8fk-4ugy
93
vulnerability VCID-sqyg-vnng-yqab
94
vulnerability VCID-teva-kx8a-ffdk
95
vulnerability VCID-tjkb-bmeg-67dc
96
vulnerability VCID-tk1p-zzv1-h3en
97
vulnerability VCID-tm48-ttzz-fbd3
98
vulnerability VCID-ttqk-knnt-gyfd
99
vulnerability VCID-u589-8g4c-nud2
100
vulnerability VCID-ueb9-bcsn-dkep
101
vulnerability VCID-va5e-y5cp-nbhc
102
vulnerability VCID-vhea-b7uf-7ye6
103
vulnerability VCID-vrg4-4g58-8fg8
104
vulnerability VCID-vs1z-e52e-xugy
105
vulnerability VCID-vs6z-zgcf-ffb7
106
vulnerability VCID-w4ky-scpt-mkf4
107
vulnerability VCID-w7pj-efhx-r3d3
108
vulnerability VCID-wfuc-qz2z-wbh9
109
vulnerability VCID-wt13-k7hv-9be6
110
vulnerability VCID-wybg-a5q1-hkgv
111
vulnerability VCID-wysq-vy3r-qkbw
112
vulnerability VCID-x79z-g8re-vyey
113
vulnerability VCID-xhs6-cfzj-w7c6
114
vulnerability VCID-y7g3-dk1p-s3aq
115
vulnerability VCID-ybae-jsp4-3qhz
116
vulnerability VCID-yhc1-d5ug-y3b2
117
vulnerability VCID-ywr4-5ybx-b3d4
118
vulnerability VCID-yyf4-tsdh-wfdn
119
vulnerability VCID-z8t4-ckvj-83dh
120
vulnerability VCID-z9ga-c78y-v3bq
121
vulnerability VCID-zau7-46nj-zkdz
122
vulnerability VCID-zu5x-18yv-bbb2
123
vulnerability VCID-zxzw-et7f-ybhx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/wwbn/avideo@22.0
aliases CVE-2026-27732, GHSA-h39h-7cvg-q7j6
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6w9m-5apg-zfc1
2
url VCID-cr2c-g39n-kfe8
vulnerability_id VCID-cr2c-g39n-kfe8
summary WWBN AVideo is an open source video platform. Prior to version 24.0, an unauthenticated SQL Injection vulnerability exists in AVideo within the objects/videos.json.php and objects/video.php components. The application fails to properly sanitize the catName parameter when it is supplied via a JSON-formatted POST request body. Because JSON input is parsed and merged into $_REQUEST after global security checks are executed, the payload bypasses the existing sanitization mechanisms. This issue has been patched in version 24.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-28501
reference_id
reference_type
scores
0
value 0.2583
scoring_system epss
scoring_elements 0.96383
published_at 2026-06-11T12:55:00Z
1
value 0.2583
scoring_system epss
scoring_elements 0.96394
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-28501
1
reference_url https://github.com/WWBN/AVideo/commit/0c10be681c64044618ab94473251bd7c9b114fa1
reference_id 0c10be681c64044618ab94473251bd7c9b114fa1
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-06T16:01:32Z/
url https://github.com/WWBN/AVideo/commit/0c10be681c64044618ab94473251bd7c9b114fa1
2
reference_url https://github.com/WWBN/AVideo/releases/tag/24.0
reference_id 24.0
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-06T16:01:32Z/
url https://github.com/WWBN/AVideo/releases/tag/24.0
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-28501
reference_id CVE-2026-28501
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-28501
4
reference_url https://github.com/advisories/GHSA-pv87-r9qf-x56p
reference_id GHSA-pv87-r9qf-x56p
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pv87-r9qf-x56p
5
reference_url https://github.com/WWBN/AVideo/security/advisories/GHSA-pv87-r9qf-x56p
reference_id GHSA-pv87-r9qf-x56p
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-06T16:01:32Z/
url https://github.com/WWBN/AVideo/security/advisories/GHSA-pv87-r9qf-x56p
fixed_packages
0
url pkg:composer/wwbn/avideo@22.0
purl pkg:composer/wwbn/avideo@22.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1gxg-fdaa-tygg
1
vulnerability VCID-1mmh-vt31-kbbb
2
vulnerability VCID-1qcx-tqcr-kbhy
3
vulnerability VCID-1sx8-5eer-97aq
4
vulnerability VCID-1uab-dgtz-hqcm
5
vulnerability VCID-1ubr-3dt8-p3e4
6
vulnerability VCID-24w8-qw1k-m3ev
7
vulnerability VCID-2a5z-m2yv-13au
8
vulnerability VCID-2ny7-udfn-qqdw
9
vulnerability VCID-2qn5-shar-r7fb
10
vulnerability VCID-3jdq-k9t3-ekc5
11
vulnerability VCID-44jq-pmnk-q7e3
12
vulnerability VCID-48c5-cxqf-7yar
13
vulnerability VCID-4a4v-b69w-xbdt
14
vulnerability VCID-4ag1-ypp7-3ygs
15
vulnerability VCID-4sua-ynnm-3qhm
16
vulnerability VCID-4y4j-99kg-eybw
17
vulnerability VCID-4zu3-f1vr-kygk
18
vulnerability VCID-6t1w-33wc-r7gu
19
vulnerability VCID-72qa-csxh-5ubs
20
vulnerability VCID-77m3-thwg-pkex
21
vulnerability VCID-7an2-kvub-wbdc
22
vulnerability VCID-7kkx-jynh-q3cd
23
vulnerability VCID-83j9-2b59-nff2
24
vulnerability VCID-88hg-8udu-ebd4
25
vulnerability VCID-8b22-g4th-cba2
26
vulnerability VCID-8gf9-8z1j-hbcn
27
vulnerability VCID-8y3y-7nys-63cb
28
vulnerability VCID-8y9d-2wpy-pqfj
29
vulnerability VCID-8z3w-xyuw-eydt
30
vulnerability VCID-8zdd-12d9-mkdt
31
vulnerability VCID-926w-fk1u-vfct
32
vulnerability VCID-92s2-qetk-bucr
33
vulnerability VCID-9kxm-dc2y-63dm
34
vulnerability VCID-a5a6-qmzf-gbcz
35
vulnerability VCID-abdr-zm3m-pfa2
36
vulnerability VCID-az4q-s63g-d7ds
37
vulnerability VCID-azqu-ezb2-pyd8
38
vulnerability VCID-bcrg-a29u-cqdt
39
vulnerability VCID-bu5v-zyym-j7gh
40
vulnerability VCID-bz89-e7ng-tbaa
41
vulnerability VCID-c654-1erv-h7c8
42
vulnerability VCID-c8uz-mfg4-5qhc
43
vulnerability VCID-cafa-py93-5yea
44
vulnerability VCID-cea3-yyc7-duef
45
vulnerability VCID-ck51-5j7d-27bx
46
vulnerability VCID-cmsu-gm2f-xbdc
47
vulnerability VCID-cps6-m7k1-73ac
48
vulnerability VCID-cxqg-yhat-8ff3
49
vulnerability VCID-d3ad-s4dr-nydz
50
vulnerability VCID-dgq8-x6f4-1khy
51
vulnerability VCID-dsjq-6q73-73bm
52
vulnerability VCID-du2m-rmty-wkgs
53
vulnerability VCID-e6ub-tmcu-vqcn
54
vulnerability VCID-e8x6-xu14-uuaf
55
vulnerability VCID-ejz4-zxyp-4qbf
56
vulnerability VCID-em2c-wz4r-effx
57
vulnerability VCID-enrr-p3bb-5qgs
58
vulnerability VCID-f6db-4ua5-uqcx
59
vulnerability VCID-fkgn-tmte-nqa3
60
vulnerability VCID-g3j5-kv46-9ydx
61
vulnerability VCID-g4k9-hsbh-g7f9
62
vulnerability VCID-g4r8-kvwz-jyct
63
vulnerability VCID-gdvd-yzgn-efgk
64
vulnerability VCID-gzsg-72e2-q3gv
65
vulnerability VCID-hh4v-wfju-ayc6
66
vulnerability VCID-j1dv-68kj-1qb9
67
vulnerability VCID-j4js-8jyt-pbec
68
vulnerability VCID-jbba-q6ga-g3hs
69
vulnerability VCID-jbkf-m3xe-tqa2
70
vulnerability VCID-js47-rw1w-eudm
71
vulnerability VCID-k42k-auyh-4yce
72
vulnerability VCID-kbk6-xmz6-gkhk
73
vulnerability VCID-kmas-k2bp-5ybw
74
vulnerability VCID-kpmf-anhv-rybp
75
vulnerability VCID-m31s-e72s-pkgm
76
vulnerability VCID-m7r7-sda9-17et
77
vulnerability VCID-mez8-49wu-cyee
78
vulnerability VCID-mgwj-kzz5-6fbb
79
vulnerability VCID-mkq2-6efr-p3gs
80
vulnerability VCID-mrzq-ssp8-xbba
81
vulnerability VCID-nmhb-cp3q-wqd3
82
vulnerability VCID-nmts-t2t9-v7dx
83
vulnerability VCID-p1nt-1p6r-bqd7
84
vulnerability VCID-pam6-fens-pya2
85
vulnerability VCID-ppsd-gq8m-nqde
86
vulnerability VCID-qpnv-m8hy-hkcv
87
vulnerability VCID-qxzn-79e5-akgq
88
vulnerability VCID-rrtd-fcbr-zbcj
89
vulnerability VCID-s29b-sb6b-3bbe
90
vulnerability VCID-sh26-67hw-rbhp
91
vulnerability VCID-sh8g-92zt-17gp
92
vulnerability VCID-sq4d-x8fk-4ugy
93
vulnerability VCID-sqyg-vnng-yqab
94
vulnerability VCID-teva-kx8a-ffdk
95
vulnerability VCID-tjkb-bmeg-67dc
96
vulnerability VCID-tk1p-zzv1-h3en
97
vulnerability VCID-tm48-ttzz-fbd3
98
vulnerability VCID-ttqk-knnt-gyfd
99
vulnerability VCID-u589-8g4c-nud2
100
vulnerability VCID-ueb9-bcsn-dkep
101
vulnerability VCID-va5e-y5cp-nbhc
102
vulnerability VCID-vhea-b7uf-7ye6
103
vulnerability VCID-vrg4-4g58-8fg8
104
vulnerability VCID-vs1z-e52e-xugy
105
vulnerability VCID-vs6z-zgcf-ffb7
106
vulnerability VCID-w4ky-scpt-mkf4
107
vulnerability VCID-w7pj-efhx-r3d3
108
vulnerability VCID-wfuc-qz2z-wbh9
109
vulnerability VCID-wt13-k7hv-9be6
110
vulnerability VCID-wybg-a5q1-hkgv
111
vulnerability VCID-wysq-vy3r-qkbw
112
vulnerability VCID-x79z-g8re-vyey
113
vulnerability VCID-xhs6-cfzj-w7c6
114
vulnerability VCID-y7g3-dk1p-s3aq
115
vulnerability VCID-ybae-jsp4-3qhz
116
vulnerability VCID-yhc1-d5ug-y3b2
117
vulnerability VCID-ywr4-5ybx-b3d4
118
vulnerability VCID-yyf4-tsdh-wfdn
119
vulnerability VCID-z8t4-ckvj-83dh
120
vulnerability VCID-z9ga-c78y-v3bq
121
vulnerability VCID-zau7-46nj-zkdz
122
vulnerability VCID-zu5x-18yv-bbb2
123
vulnerability VCID-zxzw-et7f-ybhx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/wwbn/avideo@22.0
aliases CVE-2026-28501, GHSA-pv87-r9qf-x56p
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cr2c-g39n-kfe8
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/wwbn/avideo@21.0.0