VYPR
Vendor

Jxxghp

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2026-11416HigJun 5, 2026
    risk 0.46cvss 8.1epss 0.00

    MoviePilot contains a path traversal vulnerability in the AliPan, U115, and Rclone cloud storage download handlers where the local destination path is constructed by concatenating the configured download directory with a filename taken directly from remote cloud API metadata…

  • CVE-2026-10107HigMay 29, 2026
    risk 0.43cvss 7.7epss 0.00

    MoviePilot v2 contains a server-side request forgery vulnerability in the image proxy endpoint that allows authenticated attackers to request arbitrary URLs by supplying a resource_token cookie and a URL whose domain matches the assembled allowlist. Attackers can bypass internal…