Security Advisory

CVE-2026-31831

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-30 19:42:23

Last updated 2026-03-31 19:09:40

Assigner GitHub_M

State PUBLISHED

Description

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.0, the /newsletter/image/images API endpoint is vulnerable to path traversal, allowing unauthenticated attackers to read arbitrary files from the application servers filesystem. This issue has been patched in version 2.17.0.

← Browse all CVEs View on cve.org ↗