Lucene search
+L

4 matches found

nvd
nvd
added 2026/06/04 4:16 p.m.16 views

CVE-2026-43984

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose logjserrors to any authenticated user, including guest users when guest access is enabled. The endpoint writes attacker-controlled strings directly into the main application log. The...

8.9CVSS0.00207EPSS
Exploits0References2
euvd
euvd
added 2026/06/04 2:28 p.m.12 views

EUVD-2026-34284

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose logjserrors to any authenticated user, including guest users when guest access is enabled. The endpoint writes attacker-controlled strings directly into the main application log. The...

8.9CVSS5.7AI score0.00207EPSS
Exploits0References2
cve
cve
added 2026/06/04 2:28 p.m.24 views

CVE-2026-43984

CVE-2026-43984 affects Tautulli (Python-based Plex monitoring) prior to version 2.17.1. An authenticated user, including guests when guest access is enabled, can abuse an endpoint that writes attacker-controlled strings into the main application log. The log viewer then embeds the log contents in...

8.9CVSS5.7AI score0.00207EPSS
Exploits0References2
osv
osv
added 2026/06/04 2:28 p.m.3 views

CVE-2026-43984 Tautulli has stored XSS in logFile via guest-controlled log_js_errors input

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose logjserrors to any authenticated user, including guest users when guest access is enabled. The endpoint writes attacker-controlled strings directly into the main application log. The...

8.9CVSS5.9AI score0.00207EPSS
Exploits0References4
Rows per page
Query Builder