A vulnerability marked as problematic has been reported in AVideo up to 26.0 . The affected element is an unknown function of the file list.json.php of the component API Response Handler . This manipulation causes missing authorization. This vulnerability is registered as CVE-2026-56341 . Remote exploitation of the attack is possible. No exploit is available.