Ghostwire

CVE-2026-43885: AVideo Vulnerable to Exposure of Sensitive Information to an Unauthorized Actor and Missing Authorization

HIGH CVSS 7.5 Exploit Available

Published: May 5, 2026 | Last Modified: May 5, 2026

Description

AVideo Vulnerable to Exposure of Sensitive Information to an Unauthorized Actor and Missing Authorization

Ghostwire Analysis — What This Means Practically

High CVSS score indicates significant risk — exploitation could lead to substantial data exposure or system compromise.
Exploit code is reported to be available, increasing the likelihood of active exploitation.

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

References

github.com/WWBN/AVideo/security/advisories/GHSA-xr49-f4rh-qcjf
github.com/WWBN/AVideo/commit/1c36f229d0a103528fb9f64d0a1cc0e1e8f5999b
github.com/advisories/GHSA-xr49-f4rh-qcjf
www.tenable.com/cve/CVE-2026-43885
www.cnnvd.org.cn/home/globalSearch?keyword=CVE-2026-43885