CVE ID :CVE-2026-35450 Published : April 6, 2026, 10:16 p.m. | 1 hour, 15 minutes ago Description :WWBN AVideo is an open source video platform. In versions 26.0 and prior, the plugin/API/check.ffmpeg.json.php endpoint probes the FFmpeg remote server configuration and returns connectivity status without any authentication. All sibling FFmpeg management endpoints (kill.ffmpeg.json.php, list.ffmpeg.json.php, ffmpeg.php) require User::isAdmin(). Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...