CVE-2026-45619 — WWBN/AVideo

Q: What is the impact of CVE-2026-45619?

CVSS — Pending. The vulnerability class is Incomplete fix for CVE-2026-43884.

Q: Where can I find authoritative references?

NVD record, MITRE CVE record, and the vendor security advisory.

Summary

CVE-2026-45619 is a medium-severity vulnerability affecting WWBN/AVideo (PHP): Incomplete fix for CVE-2026-43884 — 6+ isSSRFSafeURL() sites discard $resolvedIP out-param at master HEAD post-603e7bf.

References

NVD↗MITRE↗Vendor / Advisory↗PoC repo (if published)↗

Disclosure

Reported by Kai Aizen. Status: Published. Coordinated through standard NVD/MITRE/GHSA channels.

Frequently asked

CVE-2026-45619 — questions & answers

What is CVE-2026-45619?

CVE-2026-45619 is a disclosed vulnerability (Incomplete fix for CVE-2026-43884) in WWBN/AVideo, coordinated through the standard CVE process by independent security researcher Kai Aizen.

Am I affected by CVE-2026-45619?

You are affected if your environment runs an unpatched version of WWBN/AVideo. Check the upstream advisory or NVD record for the precise affected version range, then verify against your deployed version.

How do I fix CVE-2026-45619?

Upgrade WWBN/AVideo to the version that includes the upstream fix referenced in the NVD record. If an immediate upgrade is not possible, apply the mitigation guidance from the vendor advisory and restrict exposure of the affected surface area.

What is the impact of CVE-2026-45619?

CVSS — · Pending. The vulnerability class is Incomplete fix for CVE-2026-43884; consult the NVD and vendor advisory for vector details, exploitation prerequisites, and observed impact.

Where can I find authoritative references?

NVD record at https://nvd.nist.gov/vuln/detail/CVE-2026-45619, the MITRE CVE record at https://www.cve.org/CVERecord?id=CVE-2026-45619, and the vendor's security advisory page.