CVE ID :CVE-2026-49340 Published : June 19, 2026, 7:11 p.m. | 3 hours, 58 minutes ago Description :gonic is a music streaming server / free-software subsonic server API implementation. Prior to version 0.21.0, a logic error in `ServeCreateOrUpdatePlaylist` allows any authenticated Subsonic...

#Sicherheitslücke #Update

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-49340 - gonic has arbitrary file write in createPlaylist: any authenticated user can write playlist M3U content to attacker-controlled path on the host

VERWANDTEARTIKEL

CVE-2026-56082 - Supabase - Unauthenticated Cross-Tenant Billing Log Tampering via public.record_build_time RPC

CVE-2026-56081 - Cap-go - Account Lockout via 2FA Misconfiguration on Unverified Email

CVE-2026-56073 - Cap-go - OTP Bypass via Response Manipulation in Email Verification

CVE-2026-47645 - Microsoft 365 Copilot's Business Chat Elevation of Privilege Vulnerability

CVE-2026-48582 - Microsoft Exchange Online Elevation of Privilege Vulnerability

CVE-2026-48584 - Microsoft Azure Synapse Elevation of Privilege Vulnerability