VIR Vulnerability Intelligence Relay

Package impact

php COMPOSER / azuracast/azuracast

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-42606 high 8.8 8.8 24d ago AzuraCast has Password Reset Poisoning via Untrusted X-Forwarded-Host Header that Leads to Account Takeover and 2FA Bypass php
CVE-2026-42605 high 8.8 8.8 24d ago AzuraCast has Path Traversal in `currentDirectory` Parameter that Enables Remote Code Execution via Media Upload php