Security Advisory

CVE-2025-69417

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-02 16:55:18

Last updated 2026-01-02 21:04:29

Assigner mitre

State PUBLISHED

Description

In the plex.tv backend for Plex Media Server (PMS) through 2025-12-31, a non-server device token can retrieve share tokens (intended for unrelated access) via a shared_servers endpoint.

← Browse all CVEs View on cve.org ↗