Platform: python
Component: tautulli
Fixed in: 2.17.1
CVE-2026-28505 is a Remote Code Execution (RCE) vulnerability affecting Tautulli, a Python-based monitoring tool for Plex Media Server. This vulnerability arises from an insufficient sandbox implementation within the notification template processing. Exploitation allows an attacker to execute arbitrary code on a system running vulnerable versions (≤ 2.17.0). A patch is available in version 2.17.0.
The impact of CVE-2026-28505 is significant, as it allows for complete remote code execution. An attacker who can inject a malicious notification template can gain control of the server running Tautulli. This could lead to data theft (Plex library information, user credentials), system compromise, and potentially lateral movement within the network if the Tautulli server has access to other resources. The vulnerability's reliance on notification templates means that users who customize these templates are particularly at risk. The nested code object flaw, where lambda expressions bypass the sandbox's name inspection, is a critical factor in enabling this exploitation.
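The flaw class named above (a name inspection that looks only at the top-level code object and therefore never sees names referenced inside a lambda, which lives in `co_consts` as a nested code object) is illustrated by the following defender-side checker. This is an added example written for this page, not Tautulli's code; `BANNED_NAMES`, `shallow_violations`, `deep_violations` and the sample expressions are all constructed here, and Tautulli's real template syntax and deny-list are not reproduced.

```python
import types

# Names a template sandbox would typically refuse to expose. Constructed for
# this example; it is NOT Tautulli's actual deny-list.
BANNED_NAMES = frozenset({
    "eval", "exec", "open", "compile", "__import__",
    "getattr", "globals", "locals", "vars",
})


def iter_code_objects(code):
    """Yield `code` and every code object nested inside it, recursively.

    Lambdas and nested function bodies are compiled into separate code
    objects stored in co_consts; their names are NOT in the outer co_names.
    """
    yield code
    for const in code.co_consts:
        if isinstance(const, types.CodeType):
            yield from iter_code_objects(const)


def referenced_names(code):
    """All global and attribute names the expression touches, at any depth."""
    names = set()
    for c in iter_code_objects(code):
        names.update(c.co_names)
    return names


def _banned(name, banned):
    # Dunder attributes (e.g. __class__) are refused outright: they are the
    # usual route from a harmless object to something the sandbox never meant
    # to expose.
    return name in banned or (name.startswith("__") and name.endswith("__"))


def shallow_violations(source, banned=BANNED_NAMES):
    """Top-level-only inspection: the bypassable pattern the advisory describes."""
    code = compile(source, "<template>", "eval")
    return {n for n in code.co_names if _banned(n, banned)}


def deep_violations(source, banned=BANNED_NAMES):
    """Hardened inspection: walks nested code objects too."""
    code = compile(source, "<template>", "eval")
    return {n for n in referenced_names(code) if _banned(n, banned)}


def is_safe_template_expr(source, banned=BANNED_NAMES):
    """True only if the expression parses and references no banned name anywhere."""
    try:
        return not deep_violations(source, banned)
    except SyntaxError:
        return False


if __name__ == "__main__":
    # Constructed sample expressions: one benign, two that hide a banned name
    # behind a lambda, one that reaches for a dunder attribute.
    samples = [
        "title + ' played'",
        "(lambda: open)()",
        "(lambda: (lambda: eval))()()",
        "title.__class__",
    ]
    for expr in samples:
        print(f"{expr!r:35} shallow={shallow_violations(expr) or '-'} "
              f"deep={deep_violations(expr) or '-'} "
              f"safe={is_safe_template_expr(expr)}")
```

The point the output makes is that `shallow_violations` reports nothing for the lambda-wrapped expressions while `deep_violations` catches them; a sandbox that only reads the outer `co_names` must be extended with the recursive walk (or, better, must not accept arbitrary expressions at all).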
CVE-2026-28505 was publicly disclosed on 2026-03-30. Currently, there are no known active campaigns exploiting this vulnerability, and no public proof-of-concept (POC) code has been released. The vulnerability is not listed on CISA KEV as of this writing. The vulnerability's complexity, requiring specific template manipulation, may limit its immediate exploitation, but it remains a significant risk.
Users who have customized Tautulli's notification templates are at the highest risk. This includes users who have modified templates to include custom formatting, dynamic content, or external data sources. Shared hosting environments where multiple users share the same Tautulli instance are also at increased risk, as a compromised user's template could affect other users.
• python / server:

    import re
    import subprocess

    # Versions up to and including 2.17.0 are affected.
    LAST_VULNERABLE = (2, 17, 0)

    def parse_version(text):
        """Turn '2.17.0' (optionally with a 'v' prefix or a suffix such as '-beta')
        into a tuple of ints, so versions compare numerically rather than as
        strings ('2.9.0' <= '2.17.0' is False as a string comparison)."""
        match = re.match(r'v?(\d+)\.(\d+)\.(\d+)', text)
        if not match:
            raise ValueError(f"unrecognised version string: {text!r}")
        return tuple(int(part) for part in match.groups())

    def check_tautulli_version():
        # Assumes Tautulli is importable as a module named `tautulli` that
        # exposes __version__; if it is not, read the version from the web UI.
        try:
            result = subprocess.check_output(
                ['python3', '-c', 'import tautulli; print(tautulli.__version__)'],
                stderr=subprocess.STDOUT)
            version = result.decode('utf-8').strip()
            if parse_version(version) <= LAST_VULNERABLE:
                print(f"Tautulli version is vulnerable: {version}")
            else:
                print(f"Tautulli version is patched: {version}")
        except FileNotFoundError:
            print("python3 not found.")
        except subprocess.CalledProcessError as e:
            print("Tautulli not found or could not report its version: "
                  + e.output.decode('utf-8', 'replace').strip())
        except Exception as e:
            print(f"Error checking version: {e}")

    check_tautulli_version()

• generic web:

    curl -sI http://your-tautulli-server/ | grep -i '^Server'

• generic web: Inspect Tautulli's notification template files for suspicious code or unusual function calls.
Disclosure
Exploit status
EPSS
0.03% (7th percentile)
CISA SSVC
The primary mitigation for CVE-2026-28505 is to immediately upgrade Tautulli to version 2.17.0 or later. If upgrading is not immediately feasible due to compatibility issues or system downtime constraints, consider disabling custom notification templates as a temporary workaround. This will prevent the injection of malicious templates. Monitor Tautulli logs for any unusual activity, particularly related to notification processing. While a WAF or proxy cannot directly prevent this vulnerability, it can be configured to monitor for suspicious template content. After upgrading, confirm the fix by attempting to trigger a notification with a complex template and verifying that it does not result in code execution.
Update Tautulli to version 2.17.0 or higher. This version fixes the remote code execution vulnerability by correctly validating notification text templates.
CVE-2026-28505 is a Remote Code Execution vulnerability in Tautulli versions up to 2.17.0. It allows attackers to execute arbitrary code by crafting malicious notification templates.
You are affected if you are running Tautulli version 2.17.0 or earlier and use custom notification templates.
Upgrade Tautulli to version 2.17.0 or later. As a temporary workaround, disable custom notification templates.
As of now, there are no confirmed reports of active exploitation, but the vulnerability remains a potential risk.
Refer to the Tautulli project's official website and GitHub repository for updates and advisories regarding this vulnerability.