Seerr-Team Seerr vulnerabilities
2 known vulnerabilities affecting seerr-team/seerr.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2026-27707P2CRITICALCVSS 9.8fixed in 3.1.02026-02-27
CVE-2026-27707 [CRITICAL] CWE-288 CVE-2026-27707: Seerr is an open-source media request and discovery manager for Jellyfin, Plex, and Emby. Starting i
Seerr is an open-source media request and discovery manager for Jellyfin, Plex, and Emby. Starting in version 2.0.0 and prior to version 3.1.0, an authentication guard logic flaw in `POST /api/v1/auth/jellyfin` allows an unauthenticated attacker to register a new Seerr account on any Plex-configured instance by authenticating with an attacker-cont
nvd
CVE-2026-27792P4MEDIUMCVSS 5.4v>= 2.7.0, < 3.1.02026-02-27
CVE-2026-27792 [MEDIUM] CWE-862 CVE-2026-27792: Seerr is an open-source media request and discovery manager for Jellyfin, Plex, and Emby. A missing
Seerr is an open-source media request and discovery manager for Jellyfin, Plex, and Emby. A missing authorization vulnerability has been identified in the application starting in version 2.7.0 and prior to version 3.1.0. It allows authenticated users to access and modify data belonging to other users. This issue is due to the absence of the `isOwnPro
nvd