20 matches found
CVE-2026-42886 Audiobookshelf: Memory amplification DoS via oversized compressed details entry in backup upload
Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the POST /api/backups/upload endpoint decompresses the details entry from an uploaded .audiobookshelf ZIP file entirely into memory using zip.entryData, with no limit on the decompressed size. The upload middleware als...
CVE-2026-42884
Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the GET /api/collections and GET /api/collections/:id endpoints return collections from all libraries without checking whether the requesting user has access to each collection's library. An authenticated user with...
CVE-2026-27963
Audiobookshelf is a self-hosted audiobook and podcast server. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.32.0 of the Audiobookshelf web application that allows arbitrary JavaScript execution through malicious library metadata. Attackers with library modification...
CVE-2026-27963 Audiobookshelf has Stored XSS in Tooltip.vue via Audiobook Metadata
Audiobookshelf is a self-hosted audiobook and podcast server. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.32.0 of the Audiobookshelf web application that allows arbitrary JavaScript execution through malicious library metadata. Attackers with library modification...
EUVD-2025-12610
Malicious code in bioql PyPI...
EUVD-2023-56365
Malicious code in bioql PyPI...
CVE-2025-57800 Audiobookshelf vulnerable to OIDC token exfiltration and account takeover
Audiobookshelf is an open-source self-hosted audiobook server. In versions 2.6.0 through 2.26.3, the application does not properly restrict redirect callback URLs during OIDC authentication. An attacker can craft a login link that causes Audiobookshelf to store an arbitrary callback in a cookie,...
CVE-2023-47624
Audiobookshelf is a self-hosted audiobook and podcast server. In versions 2.4.3 and prior, any user regardless of their permissions may be able to read files from the local file system due to a path traversal in the /hls endpoint. This issue may lead to Information Disclosure. As of time of...
CVE-2023-51697
Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.7.0, Audiobookshelf is vulnerable to unauthenticated blind server-side request SSRF vulnerability in podcastUtils.js. This vulnerability has been addressed in version 2.7.0. There are no known workarounds for this...
CVE-2025-46338
Audiobookshelf is a self-hosted audiobook and podcast server. Prior to version 2.21.0, an improper input handling vulnerability in the /api/upload endpoint allows an attacker to perform a reflected cross-site scripting XSS attack by submitting malicious payloads in the libraryId field. The...
CVE-2025-46338
Audiobookshelf is a self-hosted audiobook and podcast server. Prior to version 2.21.0, an improper input handling vulnerability in the /api/upload endpoint allows an attacker to perform a reflected cross-site scripting XSS attack by submitting malicious payloads in the libraryId field. The...
CVE-2025-46338 Audiobookshelf Vulnerable to Cross-Site-Scripting Reflected via POST Request in /api/upload
Audiobookshelf is a self-hosted audiobook and podcast server. Prior to version 2.21.0, an improper input handling vulnerability in the /api/upload endpoint allows an attacker to perform a reflected cross-site scripting XSS attack by submitting malicious payloads in the libraryId field. The...
CVE-2025-46338 Audiobookshelf Vulnerable to Cross-Site-Scripting Reflected via POST Request in /api/upload
Audiobookshelf is a self-hosted audiobook and podcast server. Prior to version 2.21.0, an improper input handling vulnerability in the /api/upload endpoint allows an attacker to perform a reflected cross-site scripting XSS attack by submitting malicious payloads in the libraryId field. The...
CVE-2025-46338
Audiobookshelf (self-hosted audiobook/podcast server) has a known XSS vulnerability in /api/upload (via the libraryId field) in versions prior to 2.21.0. The issue stems from improper input handling; unsanitized input is reflected in the server error message, enabling arbitrary JavaScript executi...
PT-2025-18135 · Unknown · Audiobookshelf
Name of the Vulnerable Software and Affected Versions: Audiobookshelf versions prior to 2.21.0 Description: Audiobookshelf, a self-hosted audiobook and podcast server, contains an improper input handling issue in the "/api/upload" endpoint. This allows an attacker to perform a reflected cross-sit...
CVE-2025-25205
CVE-2025-25205 affects Audiobookshelf (self-hosted server) versions 2.17.0 through 2.19.0. A flaw in the authentication bypass logic allows unauthenticated requests to match certain unanchored URL-regex patterns (e.g., r=/api/items/1/cover), enabling partial bypass of authentication and, on some ...
CVE-2025-25205 Remote Authentication-Bypass can lead to server crash or limited information disclosure due to faulty pattern matching
Audiobookshelf is a self-hosted audiobook and podcast server. Starting in version 2.17.0 and prior to version 2.19.1, a flaw in the authentication bypass logic allows unauthenticated requests to match certain unanchored regex patterns in the URL. Attackers can craft URLs containing substrings lik...
CVE-2024-43797 Path Traversal in audiobookshelf
audiobookshelf is a self-hosted audiobook and podcast server. A non-admin user is not allowed to create libraries or access only the ones they have permission to. However, the LibraryController is missing the check for admin user and thus allows a path traversal issue. Allowing non-admin users to...
PT-2024-26399 · Unknown · Audiobookshelf
Name of the Vulnerable Software and Affected Versions: Audiobookshelf versions prior to 2.10.0 Description: Audiobookshelf is a self-hosted audiobook and podcast server. Opening an ebook with malicious scripts inside can lead to code execution inside the browsing context. If a user with high...
CVE-2023-47619 Audiobookshelf Server-Side Request Forgery and Arbitrary File Read Vulnerability
Audiobookshelf is a self-hosted audiobook and podcast server. In versions 2.4.3 and prior, users with the update permission are able to read arbitrary files, delete arbitrary files and send a GET request to arbitrary URLs and read the response. This issue may lead to Information Disclosure. As of...