CNNVD-202601-761 Information

CNNVD ID

CNNVD-202601-761

Related CVE

CVE-2025-69417

• CNNVD Published: 2026-01-02

Description (Chinese)

Plex Media Server是瑞士Plex公司的一套媒体播放器及媒体服务器软件。 Plex Media Server 2025-12-31及之前版本存在安全漏洞，该漏洞源于plex.tv后端中非服务器设备令牌可通过shared_servers端点检索共享令牌，可能导致共享令牌泄露。

Description (English)

Plex Media Server is a media player and media server software for the Swiss company Plex. There is a security loophole in the Plex Media Server 2025-12-31 and earlier versions, which stems from the fact that the Central African server equipment token at the back end of plex.tv can be retrieved through the Shared servers endpoint and may lead to the disclosure of the shared token.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Plex

Published

2026-01-02

Last Modified

2026-02-24

References

https://github.com/lufinkey/vulnerability-research/blob/main/CVE-2025-34158/README.md https://access.redhat.com/security/cve/cve-2025-69417