Tag

Cve-2026-40348

1 brief RSS

Movary SSRF Vulnerability (CVE-2026-40348)

Movary versions before 0.71.1 are vulnerable to server-side request forgery (SSRF) via the `/settings/jellyfin/server-url-verify` endpoint, allowing authenticated users to probe internal network resources.

ssrf cve-2026-40348 movary web-application

2r 2t 1c 2w ago