5 matches found
CVE-2025-48948
Navidrome is an open source web-based music collection server and streamer. A permission verification flaw in versions prior to 0.56.0 allows any authenticated regular user to bypass authorization checks and perform administrator-only transcoding configuration operations, including creating,...
CVE-2025-48948 Navidrome Transcoding Permission Bypass Vulnerability Report
Navidrome is an open source web-based music collection server and streamer. A permission verification flaw in versions prior to 0.56.0 allows any authenticated regular user to bypass authorization checks and perform administrator-only transcoding configuration operations, including creating,...
CVE-2025-48948 Navidrome Transcoding Permission Bypass Vulnerability Report
Navidrome is an open source web-based music collection server and streamer. A permission verification flaw in versions prior to 0.56.0 allows any authenticated regular user to bypass authorization checks and perform administrator-only transcoding configuration operations, including creating,...
CVE-2025-48948
Navidrome is an open source web-based music collection server and streamer. A permission verification flaw in versions prior to 0.56.0 allows any authenticated regular user to bypass authorization checks and perform administrator-only transcoding configuration operations, including creating,...
CVE-2025-48948
creationtimestamp| type| source ---|---|--- 2025-05-29 12:32:05+00:00| published-proof-of-concept| https://github.com/navidrome/navidrome/security/advisories/GHSA-f238-rggp-82m3 2025-05-30 20:15:27+00:00| seen|...