A vulnerability classified as critical has been found in AVideo up to 27.0 . This affects the function isSSRFSafeURL of the file plugin/Live/test.php of the component Network Configuration Handler . Performing a manipulation of the argument statsURL results in server-side request forgery. This vulnerability is reported as CVE-2026-56342 . The attack is possible to be carried out remotely. No exploit exists.