Tautulli 安全漏洞

Tautulli is an open-source application developed by Tautulli for monitoring Plex Media Server. Versions of Tautulli prior to 2.17.1 contained security vulnerabilities; these vulnerabilities stemmed from the newsletter custom template directory feature, which could lead to remote code execution...

Tautulli 安全漏洞

Tautulli is an open-source application developed by Tautulli for monitoring Plex Media Server. Versions of Tautulli prior to 2.17.0 contained security vulnerabilities. These vulnerabilities were due to a path traversal issue with the /newsletter/image/images API endpoints, which could lead to...

PT-2026-28791

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. From version 1.3.10 to before version 2.17.0, an unsanitized JSONP callback parameter allows cross-origin script injection and API key theft. This issue has been patched in version 2.17.0...

PT-2025-36567

Name of the Vulnerable Software and Affected Versions: Tautulli versions prior to 2.16.0 Description: Tautulli is a Python-based monitoring and tracking tool for Plex Media Server. The /image API endpoint is vulnerable to path traversal, allowing unauthenticated attackers to read arbitrary files...

PT-2025-36568

Name of the Vulnerable Software and Affected Versions: Tautulli versions prior to 2.16.0 Description: Tautulli is a Python based monitoring and tracking tool for Plex Media Server. The real pms image proxy endpoint is vulnerable to path traversal, allowing unauthenticated attackers to read...

PT-2025-36570

Name of the Vulnerable Software and Affected Versions: Tautulli versions prior to 2.16.0 Description: Tautulli is a Python-based monitoring and tracking tool for Plex Media Server. A command injection issue in the runGit function within versioncheck.py allows attackers with administrative...