2 matches found
Exploit for CVE-2026-29000
CVE-2026-29000: pac4j-jwt Authentication Bypass POC This repo...
Sensitive Information Disclosure
Navidrome is vulnerable to Sensitive Information Disclosure. The vulnerability is due to improper handling of sensitive information because the JWT secret is stored in plaintext in the navidrome.db database file, making it retrievable by anyone with access to the database...