20 matches found

Vulnrichment · added 2026/05/11 7:54 p.m. · 11 views

CVE-2026-42886 Audiobookshelf: Memory amplification DoS via oversized compressed details entry in backup upload

Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the POST /api/backups/upload endpoint decompresses the details entry from an uploaded .audiobookshelf ZIP file entirely into memory using zip.entryData, with no limit on the decompressed size. The upload middleware als...

CVSS 4.9 · AI score 5.8 · EPSS 0.00257
Exploits 0 · References 1
ATTACKERKB · added 2026/05/11 7:52 p.m. · 6 views

CVE-2026-42884

Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the GET /api/collections and GET /api/collections/:id endpoints return collections from all libraries without checking whether the requesting user has access to each collection's library. An authenticated user with...

CVSS 4.3 · AI score 5.8 · EPSS 0.00162
Exploits 0 · References 2 · Affected Software 1
ATTACKERKB · added 2026/02/26 2:08 a.m. · 6 views

CVE-2026-27963

Audiobookshelf is a self-hosted audiobook and podcast server. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 2.32.0 of the Audiobookshelf web application that allows arbitrary JavaScript execution through malicious library metadata. Attackers with library modification...

CVSS 4.8 · AI score 5.7 · EPSS 0.00226
Exploits 1 · References 3 · Affected Software 1
Cvelist · added 2026/02/26 2:08 a.m. · 29 views

CVE-2026-27963 Audiobookshelf has Stored XSS in Tooltip.vue via Audiobook Metadata

Audiobookshelf is a self-hosted audiobook and podcast server. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 2.32.0 of the Audiobookshelf web application that allows arbitrary JavaScript execution through malicious library metadata. Attackers with library modification...

CVSS 4.8 · EPSS 0.00226
Exploits 1 · References 2
EUVD · added 2025/10/03 8:07 p.m. · 3 views

EUVD-2025-12610

Malicious code in bioql PyPI...

CVSS 6.9 · AI score 6.5 · EPSS 0.00292
Exploits 1 · References 2
EUVD · added 2025/10/03 8:07 p.m. · 3 views

EUVD-2023-56365

Malicious code in bioql PyPI...

CVSS 7.5 · AI score 7.6 · EPSS 0.00349
Exploits 0 · References 2
Cvelist · added 2025/08/22 5:02 p.m. · 8 views

CVE-2025-57800 Audiobookshelf vulnerable to OIDC token exfiltration and account takeover

Audiobookshelf is an open-source self-hosted audiobook server. In versions 2.6.0 through 2.26.3, the application does not properly restrict redirect callback URLs during OIDC authentication. An attacker can craft a login link that causes Audiobookshelf to store an arbitrary callback in a cookie,...

CVSS 8.8 · EPSS 0.00429
Exploits 1 · References 2
RedhatCVE · added 2025/05/23 4:11 a.m. · 9 views

CVE-2023-47624

Audiobookshelf is a self-hosted audiobook and podcast server. In versions 2.4.3 and prior, any user regardless of their permissions may be able to read files from the local file system due to a path traversal in the /hls endpoint. This issue may lead to Information Disclosure. As of time of...

CVSS 7.5 · AI score 6.5 · EPSS 0.00826
Exploits 1
RedhatCVE · added 2025/05/23 2:18 a.m. · 7 views

CVE-2023-51697

Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.7.0, Audiobookshelf is vulnerable to an unauthenticated blind server-side request forgery (SSRF) vulnerability in podcastUtils.js. This vulnerability has been addressed in version 2.7.0. There are no known workarounds for this...

CVSS 7.5 · AI score 6.9 · EPSS 0.00349
Exploits 0 · References 1
RedhatCVE · added 2025/05/01 5:12 a.m. · 23 views

CVE-2025-46338

Audiobookshelf is a self-hosted audiobook and podcast server. Prior to version 2.21.0, an improper input handling vulnerability in the /api/upload endpoint allows an attacker to perform a reflected cross-site scripting (XSS) attack by submitting malicious payloads in the libraryId field. The...

CVSS 6.9 · AI score 6 · EPSS 0.00292
Exploits 1 · References 1
NVD · added 2025/04/29 5:15 a.m. · 18 views

CVE-2025-46338

Audiobookshelf is a self-hosted audiobook and podcast server. Prior to version 2.21.0, an improper input handling vulnerability in the /api/upload endpoint allows an attacker to perform a reflected cross-site scripting (XSS) attack by submitting malicious payloads in the libraryId field. The...

CVSS 6.9 · EPSS 0.00292
Exploits 1 · References 2
Vulnrichment · added 2025/04/29 4:34 a.m. · 9 views

CVE-2025-46338 Audiobookshelf Vulnerable to Cross-Site-Scripting Reflected via POST Request in /api/upload

Audiobookshelf is a self-hosted audiobook and podcast server. Prior to version 2.21.0, an improper input handling vulnerability in the /api/upload endpoint allows an attacker to perform a reflected cross-site scripting (XSS) attack by submitting malicious payloads in the libraryId field. The...

CVSS 6.9 · AI score 5.8 · EPSS 0.00292
Exploits 1 · References 2
Cvelist · added 2025/04/29 4:34 a.m. · 21 views

CVE-2025-46338 Audiobookshelf Vulnerable to Cross-Site-Scripting Reflected via POST Request in /api/upload

Audiobookshelf is a self-hosted audiobook and podcast server. Prior to version 2.21.0, an improper input handling vulnerability in the /api/upload endpoint allows an attacker to perform a reflected cross-site scripting (XSS) attack by submitting malicious payloads in the libraryId field. The...

CVSS 6.9 · EPSS 0.00292
Exploits 1 · References 2
CVE · added 2025/04/29 4:34 a.m. · 69 views

CVE-2025-46338

Audiobookshelf (self-hosted audiobook/podcast server) has a known XSS vulnerability in /api/upload (via the libraryId field) in versions prior to 2.21.0. The issue stems from improper input handling; unsanitized input is reflected in the server error message, enabling arbitrary JavaScript executi...

CVSS 6.9 · AI score 5.8 · EPSS 0.00292
Exploits 1 · References 2 · Affected Software 1
Positive Technologies · added 2025/04/29 12:00 a.m. · 4 views

PT-2025-18135 · Unknown · Audiobookshelf

Name of the Vulnerable Software and Affected Versions: Audiobookshelf versions prior to 2.21.0 Description: Audiobookshelf, a self-hosted audiobook and podcast server, contains an improper input handling issue in the "/api/upload" endpoint. This allows an attacker to perform a reflected cross-sit...

CVSS 6.9 · AI score 5.6 · EPSS 0.00292
Exploits 1 · References 9
CVE · added 2025/02/12 6:16 p.m. · 121 views

CVE-2025-25205

CVE-2025-25205 affects Audiobookshelf (self-hosted server) versions 2.17.0 through 2.19.0. A flaw in the authentication bypass logic allows unauthenticated requests to match certain unanchored URL-regex patterns (e.g., r=/api/items/1/cover), enabling partial bypass of authentication and, on some ...

CVSS 8.2 · AI score 8.3 · EPSS 0.03834
Exploits 2 · References 5 · Affected Software 1
Cvelist · added 2025/02/12 6:16 p.m. · 24 views

CVE-2025-25205 Remote Authentication-Bypass can lead to server crash or limited information disclosure due to faulty pattern matching

Audiobookshelf is a self-hosted audiobook and podcast server. Starting in version 2.17.0 and prior to version 2.19.1, a flaw in the authentication bypass logic allows unauthenticated requests to match certain unanchored regex patterns in the URL. Attackers can craft URLs containing substrings lik...

CVSS 8.2 · EPSS 0.03834
Exploits 2 · References 5
OSV · added 2024/09/02 4:21 p.m. · 7 views

CVE-2024-43797 Path Traversal in audiobookshelf

Audiobookshelf is a self-hosted audiobook and podcast server. A non-admin user is not allowed to create libraries and may only access the ones they have permission to. However, the LibraryController is missing the check for an admin user and thus allows a path traversal issue. Allowing non-admin users to...

CVSS 6.3 · AI score 6.7 · EPSS 0.00546
Exploits 1 · References 5
Positive Technologies · added 2024/05/27 12:00 a.m. · 6 views

PT-2024-26399 · Unknown · Audiobookshelf

Name of the Vulnerable Software and Affected Versions: Audiobookshelf versions prior to 2.10.0 Description: Audiobookshelf is a self-hosted audiobook and podcast server. Opening an ebook with malicious scripts inside can lead to code execution inside the browsing context. If a user with high...

CVSS 4.8 · AI score 7.4 · EPSS 0.00838
Exploits 1 · References 9
Vulnrichment · added 2023/12/13 9:02 p.m. · 4 views

CVE-2023-47619 Audiobookshelf Server-Side Request Forgery and Arbitrary File Read Vulnerability

Audiobookshelf is a self-hosted audiobook and podcast server. In versions 2.4.3 and prior, users with the update permission are able to read arbitrary files, delete arbitrary files and send a GET request to arbitrary URLs and read the response. This issue may lead to Information Disclosure. As of...

CVSS 8.1 · AI score 8 · EPSS 0.00607
Exploits 1 · References 2