CVE-2025-64325 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Emby Server is a personal media server. Prior to version 4.8.1.0 and prior to Beta version 4.9.0.0-beta, a malicious user can send an authentication request wit…
High CVSS: 8.4

CVE-2025-64325

Emby Server is a personal media server. Prior to version 4.8.1.0 and prior to Beta version 4.9.0.0-beta, a malicious user can send an authentication request with a manipulated X-Emby-Client value, which gets added to the devices section of the admin dashboard without sanitization. This issue has been patched in version 4.8.1.0 and Beta version 4.9.0.0-beta.
Vendor
Emby
Product
Emby
CWE
CWE-79
Yayın Tarihi
2025-11-18 23:15:55
Güncelleme
2026-01-15 22:01:52
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-79 Emby HIGH Emby 2025

Referanslar

https://github.com/EmbySupport/Emby.Security/security/advisories/GHSA-2gwc-988r-2r7x https://github.com/EmbySupport/Emby.Security/security/advisories/GHSA-2gwc-988r-2r7x