CNNVD-202601-471 Information

CNNVD ID

CNNVD-202601-471

Related CVE

CVE-2025-69416

• CNNVD Published: 2026-01-02

Description (Chinese)

Plex media server是Plex公司的一款媒体播放器。 Plex Media Server 2025-12-31及之前版本存在安全漏洞，该漏洞源于plex.tv后端中非服务器设备令牌可通过clients.plex.tv/devices.xml检索其他令牌，可能导致令牌泄露。

Description (English)

Plex mediaserver is a media player for Plex. There is a security loophole in Plex Media Server 2025-12-31 and earlier versions, which stems from the fact that the Central African server equipment at the back end of plex.tv can retrieve other tokens through clits.plex.tv/devices.xml, which could lead to their disclosure.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Plex

Published

2026-01-02

Last Modified

2026-02-24

References

https://github.com/lufinkey/vulnerability-research/blob/main/CVE-2025-34158/README.md https://access.redhat.com/security/cve/cve-2025-69416