How severe is CVE-2025-34441?

CVE-2025-34441 has a CVSS v3 score of 7.5 (HIGH).

CVE-2025-34441

Name: avideo
Author: wwbn

7.5HIGH

AVideo versions prior to 20.1 expose sensitive user information through an unauthenticated public API endpoint. Responses include emails, usernames, administrative status, and last login times, enabli

Veröffentlicht: 12/17/2025Aktualisiert: 12/19/2025

Beschreibung

AVideo versions prior to 20.1 expose sensitive user information through an unauthenticated public API endpoint. Responses include emails, usernames, administrative status, and last login times, enabling user enumeration and privacy violations.

KI-AnalyseKI-gestützt

Betroffene Produkte

wwbnavideo

Referenzen

https://chocapikk.com/posts/2025/avideo-security-vulnerabilities/
https://github.com/WWBN/AVideo/commit/1416c517e2
Patch
https://github.com/WWBN/AVideo/commit/4a53ab2056
Patch
https://www.vulncheck.com/advisories/avideo-user-information-disclosure-via-public-api
Third Party Advisory