VYPR
Critical severity9.1NVD Advisory· Published Mar 30, 2026· Updated Apr 2, 2026

CVE-2026-32275

CVE-2026-32275

Description

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. From version 1.3.10 to before version 2.17.0, an unsanitized JSONP callback parameter allows cross-origin script injection and API key theft. This issue has been patched in version 2.17.0.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Tautulli/Tautulli2 versions
    cpe:2.3:a:tautulli:tautulli:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:tautulli:tautulli:*:*:*:*:*:*:*:*range: >=1.3.10,<2.17.0
    • (no CPE)range: >=1.3.10 <2.17.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.