Incomplete fix for CVE-2026-43884 — 6+ isSSRFSafeURL() sites discard $resolvedIP out-param at master HEAD post-603e7bf
CVE-2026-45619 is a medium-severity vulnerability affecting WWBN/AVideo (PHP): Incomplete fix for CVE-2026-43884 — 6+ isSSRFSafeURL() sites discard $resolvedIP out-param at master HEAD post-603e7bf.
Reported by Kai Aizen. Status: Published. Coordinated through standard NVD/MITRE/GHSA channels.