Critical severity9.1NVD Advisory· Published Mar 30, 2026· Updated Apr 2, 2026
CVE-2026-32275
CVE-2026-32275
Description
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. From version 1.3.10 to before version 2.17.0, an unsanitized JSONP callback parameter allows cross-origin script injection and API key theft. This issue has been patched in version 2.17.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- github.com/Tautulli/Tautulli/security/advisories/GHSA-95mg-wpqw-9qxhnvdExploitVendor Advisory
- github.com/Tautulli/Tautulli/releases/tag/v2.17.0nvdRelease Notes
News mentions
0No linked articles in our index yet.