CVE-2026-63305 - AVideo through 29.0 OS Command Injection via ffmpeg.json.php
CVE ID :CVE-2026-63305 Published : July 16, 2026, 1:16 p.m. | 1 hour, 18 minutes ago Description :AVideo through 29.0 contains an OS command injection vulnerability in the ffmpeg.json.php endpoint where notifyCode and callback parameters are concatenated into a shell command without escaping....