Tag
AVideo versions up to 26.0 are vulnerable to OS command injection due to insufficient sanitization of shell metacharacters in the `sanitizeFFmpegCommand()` function, potentially allowing arbitrary command execution.