CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-31831

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.0, the /newsletter/image/images API endpoint is vulnerable to path traversal, allowing unauthenticated attackers to read arbitrary files from the application server's filesystem. This issue has been patched in version 2.17.0.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.9%

CVSS Severity

References

https://github.com/Tautulli/Tautulli/releases/tag/v2.17.0
https://github.com/Tautulli/Tautulli/security/advisories/GHSA-xp55-2pf4-fv8m
https://github.com/Tautulli/Tautulli/security/advisories/GHSA-xp55-2pf4-fv8m

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-31831

Products

Pricing

Contact Us