{"uuid": "29aeb0f8-d0bb-459d-b4cd-06f7e18b5b00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-54458", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116926712479422983", "content": "CVE-2026-54458 (CRITICAL, CVSS 9.6): WWBN AVideo (&lt;29.0) suffers stored DOM XSS in YPTSocket plugin. Unauthenticated attackers can hijack admin sessions. Patch now \u2014 upgrade to v29.0. https://radar.offseq.com/threat/cve-2026-54458-cwe-79-improper-neutralization-of-i-57743e6d03256988 #OffSeq #XSS #WWBNA Video #infosec", "creation_timestamp": "2026-07-16T00:00:43.633185Z"}