CVE-2026-40907 | WWBN AVideo up to 29.0 list.json.php authorization (GHSA-gpgp-w4x2-h3h7)

A vulnerability marked as problematic has been reported in WWBN AVideo up to 29.0. This impacts an unknown function of the file plugin/Live/view/Live_restreams/list.json.php. The manipulation leads to authorization bypass.

This vulnerability is referenced as CVE-2026-40907. Remote exploitation of the attack is possible. No exploit is available.

Applying a patch is the recommended action to fix this issue.VulDB Recent EntriesRead More