Security Vulnerabilities
In the plex.tv backend for Plex Media Server (PMS) through 2025-12-31, a non-server device token can retrieve other tokens (intended for unrelated access) via clients.plex.tv/devices.xml.
CVSS Score
5.0
EPSS Score
0.0
Published
2026-01-02
In the plex.tv backend for Plex Media Server (PMS) through 2025-12-31, a non-server device token can retrieve share tokens (intended for unrelated access) via a shared_servers endpoint.
CVSS Score
5.0
EPSS Score
0.0
Published
2026-01-02
An authentication bypass in the /cgi-bin/jvsweb.cgi endpoint of Revotech I6032W-FHW v1.0.0014 - 20210517 allows attackers to access sensitive information and escalate privileges via a crafted HTTP request.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-01-02
Vatilon v1.12.37-20240124 was discovered to transmit user credentials in plaintext.
CVSS Score
7.5
EPSS Score
0.0
Published
2026-01-02
An issue in Vatilon v1.12.37-20240124 allows attackers to access sensitive directories and files via a directory traversal.
CVSS Score
7.5
EPSS Score
0.002
Published
2026-01-02
Plex Media Server (PMS) through 1.42.2.10156 allows retrieval of a permanent access token via a /myplex/account call with a transient access token.
CVSS Score
8.5
EPSS Score
0.0
Published
2026-01-02
In Plex Media Server (PMS) through 1.42.2.10156, ability to access /myplex/account with a device token is not properly aligned with whether the device is currently associated with an account.
CVSS Score
7.1
EPSS Score
0.0
Published
2026-01-02
CasaOS versions up to and including 0.4.15 expose multiple unauthenticated endpoints that allow remote attackers to retrieve sensitive configuration files and system debug information. The /v1/users/image endpoint can be abused with a user-controlled path parameter to access files under /var/lib/casaos/1/, which reveals installed applications and configuration details. Additionally, /v1/sys/debug discloses host operating system, kernel, hardware, and storage information. The endpoints also return distinct error messages, enabling file existence enumeration of arbitrary paths on the underlying host filesystem. This information disclosure can be used for reconnaissance and to facilitate targeted follow-up attacks against services deployed on the host.
CVSS Score
5.3
EPSS Score
0.001
Published
2026-01-02
Plane is an an open-source project management tool. In plane.io, a guest user doesn't have a permission to access https[:]//app[.]plane[.]so/[:]slug/settings. Prior to Plane version 1.2.0, a problem occurs when the `/api/workspaces/:slug/members/` is accessible by guest and able to list of users on a specific workspace that they joined. Since the `display_name` in the response is actually the handler of the email, a malicious guest can still identify admin users' email addresses. Version 1.2.0 fixes this issue.
CVSS Score
4.3
EPSS Score
0.0
Published
2026-01-02
An exposure of sensitive system information to an unauthorized control sphere vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to read application data.
We have already fixed the vulnerability in the following versions:
QTS 5.2.8.3332 build 20251128 and later
QuTS hero h5.2.8.3321 build 20251117 and later
QuTS hero h5.3.1.3250 build 20250912 and later
CVSS Score
7.5
EPSS Score
0.0
Published
2026-01-02