Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/02/28 7:45 p.m.8 views

CVE-2026-27793

Seerr is an open-source media request and discovery manager for Jellyfin, Plex, and Emby. Prior to version 3.1.0, the GET /api/v1/user/:id endpoint returns the full settings object for any user, including Pushover, Pushbullet, and Telegram credentials, to any authenticated requester regardless of...

9.8CVSS5.9AI score0.00506EPSS
Exploits1References1
EUVD
EUVD
added 2026/02/27 7:38 p.m.7 views

EUVD-2026-9055

Seerr is an open-source media request and discovery manager for Jellyfin, Plex, and Emby. Prior to version 3.1.0, the GET /api/v1/user/:id endpoint returns the full settings object for any user, including Pushover, Pushbullet, and Telegram credentials, to any authenticated requester regardless of...

7.3CVSS5.9AI score0.00506EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/02/27 12:0 a.m.7 views

PT-2026-22383

Name of the Vulnerable Software and Affected Versions Seerr versions prior to 3.1.0 Description Seerr is a media request and discovery manager for Jellyfin, Plex, and Emby. The GET /api/v1/user/:id API endpoint improperly discloses the full settings object for any user, including credentials for...

6.5CVSS5.7AI score0.00231EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/23 9:34 a.m.9 views

CVE-2024-0366

The Starbox – the Author Box for Humans plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.4.7 via the action function due to missing validation on a user controlled key. This makes it possible for subscribers to view plugin preferences...

4.3CVSS6.6AI score0.00576EPSS
Exploits0References1
Rows per page
Query Builder