CVE-2026-26975
📋 TL;DR
CVE-2026-26975 is a critical path traversal vulnerability in Music Assistant that allows unauthenticated attackers on the same network to write arbitrary files anywhere on the filesystem. This can lead to remote code execution by writing malicious Python .pth files that execute when Python loads. All users running Music Assistant versions 2.6.3 and below are affected.
💻 Affected Systems
- Music Assistant
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete system compromise with root-level access, allowing attackers to install persistent backdoors, steal data, or pivot to other systems.
Likely Case
Remote code execution leading to service disruption, data theft, or cryptocurrency mining malware installation.
If Mitigated
Limited impact with proper network segmentation and non-root container execution, though file system manipulation may still be possible.
🎯 Exploit Status
Exploitation requires network adjacency but no authentication. The path traversal to write .pth files is straightforward for attackers with basic Python knowledge.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2.7.0
Vendor Advisory: https://github.com/music-assistant/server/security/advisories/GHSA-7jcc-p6xr-835j
Restart Required: Yes
Instructions:
1. Stop the Music Assistant service.
2. Update to version 2.7.0 using your package manager or by downloading from GitHub releases.
3. Restart the service.
🔧 Temporary Workarounds
Run container as non-root user
Applies to: linux
Modify the Docker/container configuration to run Music Assistant as a non-privileged user, limiting the impact of arbitrary file writes.
docker run --user 1000:1000 music-assistant
Network segmentation
Applies to: all
Isolate Music Assistant on a separate VLAN or network segment to limit the attack surface to network-adjacent devices.
🧯 If You Can't Patch
- Implement strict network access controls to limit which devices can communicate with Music Assistant
- Monitor for suspicious file writes to Python site-packages directories and unexpected process execution
🔍 How to Verify
Check if Vulnerable:
Check the Music Assistant version: if it is 2.6.3 or lower, the system is vulnerable. Also check whether the music/playlists/update API endpoint is reachable without authentication.
Check Version:
Check Music Assistant web interface or run: python -c "import music_assistant; print(music_assistant.__version__)"
Verify Fix Applied:
Verify that the version is 2.7.0 or higher and test that file writes outside the allowed directories are rejected.
📡 Detection & Monitoring
Log Indicators:
- Failed file write attempts outside allowed directories
- Multiple requests to music/playlists/update endpoint from single source
- Unexpected .pth file creation in Python directories
Network Indicators:
- POST requests to /api/music/playlists/update with path traversal payloads
- Unusual outbound connections from Music Assistant container
SIEM Query:
source="music-assistant" AND (uri_path="/api/music/playlists/update" OR event="file_write")
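As an added example (not code from Music Assistant or from this advisory), the Python scanner below applies the log and network indicators above to constructed event records: traversal payloads sent to the playlist update endpoint, bursts of requests to that endpoint from one source, and .pth files written into a site-packages directory. The field names src, event, uri_path, body and path are assumptions modelled on the SIEM query, and the sample events are made up.

```python
import re
from collections import Counter
from urllib.parse import unquote

PLAYLIST_UPDATE = "/api/music/playlists/update"
# A '..' segment followed by a path separator (forward or back slash).
TRAVERSAL = re.compile(r"\.\.[\\/]")

# Constructed sample events; field names are assumptions, not the product's real log schema.
SAMPLE_EVENTS = [
    {"src": "192.168.1.50", "event": "http", "uri_path": PLAYLIST_UPDATE,
     "body": "name=../../../../usr/lib/python3/site-packages/evil.pth"},
    {"src": "192.168.1.50", "event": "http", "uri_path": PLAYLIST_UPDATE,
     "body": "name=%2e%2e%2f%2e%2e%2fopt%2fx.pth"},          # URL-encoded traversal
    {"src": "192.168.1.20", "event": "http", "uri_path": PLAYLIST_UPDATE,
     "body": "name=Summer Mix"},                             # benign update
    {"src": "192.168.1.20", "event": "http", "uri_path": "/api/players", "body": ""},
    {"src": "local", "event": "file_write",
     "path": "/usr/local/lib/python3.12/site-packages/zzz.pth"},
    {"src": "local", "event": "file_write", "path": "/data/playlists/summer.m3u"},
]


def has_traversal(value: str) -> bool:
    """True if the value contains a '../' segment after percent-decoding.
    Decoding twice catches double-encoded payloads such as %252e%252e%252f."""
    return bool(TRAVERSAL.search(unquote(unquote(value))))


def is_pth_in_site_packages(path: str) -> bool:
    """True for a .pth file placed under any site-packages directory."""
    return path.endswith(".pth") and "site-packages" in path


def scan_events(events, burst_threshold: int = 2):
    """Return (reason, detail) findings for the indicators listed in the advisory."""
    findings = []
    hits_per_src = Counter()
    for ev in events:
        if ev.get("event") == "http" and ev.get("uri_path") == PLAYLIST_UPDATE:
            hits_per_src[ev["src"]] += 1
            if has_traversal(ev.get("body", "")):
                findings.append(("traversal_payload", ev))
        elif ev.get("event") == "file_write" and is_pth_in_site_packages(ev.get("path", "")):
            findings.append(("pth_write", ev))
    for src, count in hits_per_src.items():
        if count >= burst_threshold:
            findings.append(("playlist_update_burst", {"src": src, "count": count}))
    return findings


if __name__ == "__main__":
    for reason, detail in scan_events(SAMPLE_EVENTS):
        print(reason, detail)
```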