A vulnerability marked as critical has been reported in WWBN AVideo up to 29.0 . Affected by this issue is the function isValidURL of the file /internal/loopback/metadata . The manipulation leads to server-side request forgery. This vulnerability is documented as CVE-2026-43879 . The attack can be initiated remotely. There is not any exploit available. To fix this issue, it is recommended to deploy a patch.