Jellyfin Security Vulnerabilities (CVEs)
Track 5 security vulnerabilities affecting Jellyfin products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This vulnerability allows argument injection in Jellyfin's FFmpeg processing, which can lead to arbitrary file write and potentially remote code execu...
Apr 15, 2025Jellyfin's user profile image upload accepts SVG files that can contain malicious JavaScript. When an admin user views such an image outside the Jelly...
Sep 2, 2024This vulnerability allows a malicious administrator in Jellyfin to execute arbitrary code on the server by exploiting a path traversal issue in the me...
Dec 13, 2023Jellyfin media server has an argument injection vulnerability in video/audio streaming endpoints that allows unauthenticated attackers to inject malic...
Dec 6, 2023A stored cross-site scripting (XSS) vulnerability in jellyfin-web allows attackers to make arbitrary REST API calls with admin privileges. When combin...
Apr 24, 2023Why Monitor Jellyfin Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 5+ known vulnerabilities affecting Jellyfin products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Jellyfin packages in under 60 seconds. No agents required - completely agentless scanning that works across Jellyfin deployments.
Free vulnerability database: Access detailed information about every Jellyfin CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Jellyfin CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
