Vulnerabilidades em sentriz
3 resultadosCVE-2026-49340HIGHgonic has arbitrary file write in createPlaylist: any authenticated user can write playlist M3U content to attacker-controlled path on the hostEPSS 0.3%CVE-2026-49339HIGHPath traversal in getPlaylist/deletePlaylist bypasses ownership check: any authenticated user can read or delete any other user's playlistEPSS 0.3%CVE-2026-49338HIGHSubsonic API: any authenticated user can delete or read any other user's playlist (IDOR)EPSS 0.2%