CVE-2026-24937 | THREATINT

Description

Improper Control of Generation of Code ('Code Injection') vulnerability in VideoWhisper.Com Broadcast Live Video allows Code Injection. This issue affects Broadcast Live Video: from n/a before 7.1.3.

PUBLISHED Reserved 2026-01-28 | Published 2026-05-25 | Updated 2026-05-26 | Assigner Patchstack

HIGH: 7.2CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-94 Improper Control of Generation of Code ('Code Injection')

Product status

Default status

unaffected

Any version before 7.1.3

affected

Credits

SSL-6-s0d | Patchstack Bug Bounty Program finder

References

patchstack.com/...code-execution-rce-vulnerability?_s_id=cve vdb-entry

cve.org (CVE-2026-24937)

nvd.nist.gov (CVE-2026-24937)

Download JSON