Browse all 4 CVE security advisories affecting Avid. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Avid develops digital media creation and management tools primarily used in entertainment and broadcast industries. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation, often stemming from input validation flaws and insecure default configurations. Security characteristics include complex software architectures with multiple attack surfaces. While no major public incidents have been widely documented, the presence of four CVEs indicates ongoing security challenges in protecting media workflows and sensitive content. The company's products handle valuable intellectual property, making them potential targets for both opportunistic and sophisticated attackers seeking unauthorized access or content manipulation.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-26293 | Unauthenticated Path Traversal affecting Avid NEXIS — Avid NEXIS E-seriesCWE-1395 | 9.8AI | CriticalAI | 2025-07-14 |
| CVE-2024-26292 | Authenticated Arbitrary File Deletion affecting Avid NEXIS — Avid NEXIS E-seriesCWE-22 | 6.5AI | MediumAI | 2025-07-14 |
| CVE-2024-26291 | Authenticated Arbitrary File Read affecting Avid NEXIS — Avid NEXIS E-seriesCWE-285 | 6.2AI | MediumAI | 2025-07-14 |
| CVE-2024-26290 | Authenticated Remote Command Injection affecting Avid NEXIS — Avid NEXIS E-seriesCWE-20 | 8.4 | - | 2025-03-12 |
This page lists every published CVE security advisory associated with Avid. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.