How severe is CVE-2025-34441?

CVE-2025-34441 has a CVSS v3 score of 7.5 (HIGH).

CVE-2025-34441

Name: avideo
Author: wwbn

7.5HIGH

AVideo versions prior to 20.1 expose sensitive user information through an unauthenticated public API endpoint. Responses include emails, usernames, administrative status, and last login times, enabli

Publicado: 12/17/2025Atualizado: 12/19/2025

Descrição

AVideo versions prior to 20.1 expose sensitive user information through an unauthenticated public API endpoint. Responses include emails, usernames, administrative status, and last login times, enabling user enumeration and privacy violations.

Análise IADesenvolvido por IA

Produtos Afetados

wwbnavideo

Referências

https://chocapikk.com/posts/2025/avideo-security-vulnerabilities/
https://github.com/WWBN/AVideo/commit/1416c517e2
Patch
https://github.com/WWBN/AVideo/commit/4a53ab2056
Patch
https://www.vulncheck.com/advisories/avideo-user-information-disclosure-via-public-api
Third Party Advisory