CVE-2025-69417

In the plex.tv backend for Plex Media Server PMS through 2025-12-31, a non-server device token can retrieve share tokens intended for unrelated access via a sharedservers endpoint...

CVE-2025-69417

In the plex.tv backend for Plex Media Server PMS through 2025-12-31, a non-server device token can retrieve share tokens intended for unrelated access via a sharedservers endpoint...

CVE-2025-69417

In the plex.tv backend for Plex Media Server PMS through 2025-12-31, a non-server device token can retrieve share tokens intended for unrelated access via a sharedservers endpoint...

CVE-2025-69417

PVE-2025-69417 affects Plex Media Server (PMS) prior to latest updates. The issue arises when a non-server device token can retrieve share tokens intended for unrelated access via the shared_servers endpoint, indicating an access-control weakness in PMS’s token handling. Public references in the ...

CVE-2025-69417

In the plex.tv backend for Plex Media Server PMS through 2025-12-31, a non-server device token can retrieve share tokens intended for unrelated access via a sharedservers endpoint...

Plex Media Server 安全漏洞

Plex Media Server is a suite of media player and media server software from the Swiss company Plex. A security vulnerability exists in Plex Media Server version 2025-12-31 and earlier, which stems from a non-server device token in the plex.tv backend that can retrieve shared tokens via the...

PT-2026-1111

Name of the Vulnerable Software and Affected Versions Plex Media Server versions prior to 2025-12-31 Description A non-server device token can retrieve share tokens via the shared servers endpoint. These share tokens are intended for unrelated access. Recommendations Update Plex Media Server to a...