CVE-2016-10676
The CVE refers to rs-brightcove, a wrapper around Brightcove’s web API. The issue is that rs-brightcove downloads resources over HTTP and can be manipulated by an attacker with a privileged network position, potentially replacing a downloaded executable and causing remote code execution on the ho...