3 matches found
CVE-2026-49247
Jellyfin (open-source self-hosted media server) has a authenticated path-traversal vulnerability in the POST /ClientLog/Document endpoint affecting 10.9.0 through 10.11.10. The endpoint uses the Authorization header’s Client and Version fields to form on-disk filenames for client-uploaded log doc...
CVE-2025-3831
Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to unauthorized parties...
CVE-2025-3831 Exposed SFTP server
Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to unauthorized parties...