Lucene search
K

5 matches found

NVD
NVD
added 2026/06/19 7:16 p.m.15 views

CVE-2026-49339

gonic is a music streaming server / free-software subsonic server API implementation. The maintainer's fix in commit 6dd71e6a3c966867ef8c900d359a7df75789f410 added an ownership check based on playlist.UserID. However, playlist.UserID is derived from the first path segment of the attacker-controll...

7.1CVSS0.00262EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/19 7:11 p.m.22 views

CVE-2026-49340 gonic has arbitrary file write in createPlaylist: any authenticated user can write playlist M3U content to attacker-controlled path on the host

gonic is a music streaming server / free-software subsonic server API implementation. Prior to version 0.21.0, a logic error in ServeCreateOrUpdatePlaylist allows any authenticated Subsonic user including non-admin to write playlist M3U content to an attacker-controlled absolute filesystem path o...

8.1CVSS0.00269EPSS
Exploits0References1
CVE
CVE
added 2026/06/19 7:8 p.m.25 views

CVE-2026-49338

The CVE covers gonic, a Subsonic-compatible music server. Before 0.21.0, Subsonic API endpoints /rest/deletePlaylist.view and /rest/getPlaylist.view allowed any authenticated user to delete or read any other user’s private playlist due to missing per-resource authorization. The playlist ID is bas...

7.1CVSS5.9AI score0.00168EPSS
Exploits0References2
CVE
CVE
added 2026/06/19 6:23 p.m.26 views

CVE-2026-49339

Summary: CVE-2026-49339 affects gonic’s getPlaylist/deletePlaylist endpoints. A path traversal-like flaw in the ownership check allows any authenticated Subsonic user to read or delete another user’s playlist and probe host paths. The root cause is that playlist.UserID is derived from the first p...

7.1CVSS6AI score0.00262EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/19 6:23 p.m.19 views

CVE-2026-49339 Path traversal in getPlaylist/deletePlaylist bypasses ownership check: any authenticated user can read or delete any other user's playlist

gonic is a music streaming server / free-software subsonic server API implementation. The maintainer's fix in commit 6dd71e6a3c966867ef8c900d359a7df75789f410 added an ownership check based on playlist.UserID. However, playlist.UserID is derived from the first path segment of the attacker-controll...

7.1CVSS0.00262EPSS
Exploits0References3
Rows per page
Query Builder