CVE-2026-31831 in Tautulli
摘要 (英语)
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.0, the /newsletter/image/images API endpoint is vulnerable to path traversal, allowing unauthenticated attackers to read arbitrary files from the application server's filesystem. This issue has been patched in version 2.17.0.
负责
GitHub_M
预定
2026-03-09
披露
2026-03-30
条目
| 标识符 | 漏洞 | CWE | 基础 | 临时 | 0day | 今天 | 可利用 | KEV | EPSS | CTI | 对策 | CVE |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 354257 | Tautulli API images 目录遍历 | 23 | 5.3 | 5.1 | $0-$5k | 计算 | 未定义 | 0.00000 | 0.00 | 官方修复 | CVE-2026-31831 |