Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.10 views

CVE-2026-43986

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose a public /image/ route that resolves attacker-controlled entries from imagehashlookup and replays them through the same server-side image fetch logic used by authenticated image proxying...

9.9CVSS5.6AI score0.00262EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/04 2:33 p.m.37 views

CVE-2026-43986 Tautulli vulnerable to unauthenticated SSRF in /image/<hash> via attacker-seeded image hash replay

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose a public /image/ route that resolves attacker-controlled entries from imagehashlookup and replays them through the same server-side image fetch logic used by authenticated image proxying...

9.9CVSS0.00262EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/04 2:33 p.m.7 views

CVE-2026-43986

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose a public /image/ route that resolves attacker-controlled entries from imagehashlookup and replays them through the same server-side image fetch logic used by authenticated image proxying...

9.9CVSS5.9AI score0.00262EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/04 2:33 p.m.9 views

CVE-2026-43986 Tautulli vulnerable to unauthenticated SSRF in /image/<hash> via attacker-seeded image hash replay

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose a public /image/ route that resolves attacker-controlled entries from imagehashlookup and replays them through the same server-side image fetch logic used by authenticated image proxying...

9.9CVSS5.9AI score0.00262EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/04 2:33 p.m.14 views

EUVD-2026-34286

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose a public /image/ route that resolves attacker-controlled entries from imagehashlookup and replays them through the same server-side image fetch logic used by authenticated image proxying...

9.9CVSS5.9AI score0.00262EPSS
Exploits0References2
Rows per page
Query Builder