CVE-2026-33685 | WWBN AVideo up to 26.0 JSON API User::isAdmin authorization

March 23, 2026 Yanac

A vulnerability was found in WWBN AVideo up to 26.0 and classified as problematic. Impacted is the function User::isAdmin of the component JSON API. The manipulation results in missing authorization.

This vulnerability is identified as CVE-2026-33685. The attack can be executed remotely. There is not any exploit available.

It is best practice to apply a patch to resolve this issue.VulDB Recent EntriesRead More