MEDIUM
VideoLAN
CVE published 2026-02-26
CVE-2026-26227
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-02-26T18:23:07.190Z and has not been modified since then. VideoLAN VLC for Android prior to version 3.7.0 contains an authentication bypass in the Remote Access Server feature due to missing or insufficient rate limiting on one-time password (OTP) verification. The Remote Access Server uses a 4-digit O [truncated]