Severity by source
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Lifecycle Timeline
10DescriptionGitHub Advisory
Jellyfin is an open source self hosted media server. Versions prior to 10.11.7 contain a vulnerability chain in the subtitle upload endpoint (POST /Videos/{itemId}/Subtitles), where the Format field is not validated, allowing path traversal via the file extension and enabling arbitrary file write. This arbitrary file write can be chained into arbitrary file read via .strm files, database extraction, admin privilege escalation, and ultimately remote code execution as root via ld.so.preload. Exploitation requires an administrator account or a user that has been explicitly granted the "Upload Subtitles" permission. This issue has been fixed in version 10.11.7. If users are unable to upgrade immediately, they can grant non-administrator users Subtitle upload permissions to reduce attack surface.
Articles & Coverage 1
AnalysisAI
Remote code execution as root in Jellyfin media server versions prior to 10.11.7 allows authenticated users with 'Upload Subtitles' permission to execute arbitrary code through a multi-stage attack chain exploiting path traversal in subtitle uploads, arbitrary file write, and ld.so.preload manipulation. CVSS 9.9 (Critical) reflects the complete system compromise potential. EPSS data not available. Not listed in CISA KEV, indicating no confirmed active exploitation at time of analysis. Attack requires low-privilege authenticated access but can escalate to full root-level code execution.
Technical ContextAI
Jellyfin is a self-hosted open-source media streaming platform built on .NET, managing video libraries and subtitle files. The vulnerability originates from improper input validation (CWE-20) in the subtitle upload REST API endpoint (POST /Videos/{itemId}/Subtitles). The Format field lacks sanitization, enabling path traversal attacks through malicious file extensions. This allows authenticated users to write files to arbitrary filesystem locations. The attack chain leverages Jellyfin's .strm file handling (playlist files containing URLs or file paths) to achieve arbitrary file read, exposing the SQLite database containing admin credentials. Escalated admin access enables manipulation of ld.so.preload, a dynamic linker configuration file that specifies shared libraries to be loaded before all others in any executed process. By injecting a malicious shared library path into ld.so.preload and triggering process execution, attackers gain code execution with root privileges due to Jellyfin's typical deployment configurations.
RemediationAI
Upgrade immediately to Jellyfin version 10.11.7 or later, which contains input validation fixes for the subtitle upload Format field. Release available at https://github.com/jellyfin/jellyfin/releases/tag/v10.11.7. For environments unable to upgrade immediately, implement the vendor-recommended workaround: audit user permissions and revoke 'Upload Subtitles' permission from all non-administrator accounts to reduce attack surface to only administrator-level users. Note that this workaround does not eliminate risk if administrator accounts are compromised, only reduces the exposed user base. Additionally, implement network segmentation to restrict Jellyfin server access to trusted networks, enable comprehensive audit logging for subtitle upload operations, and monitor filesystem integrity for unexpected modifications to system configuration files like ld.so.preload. Review existing subtitle files and .strm playlist files for anomalies that may indicate prior exploitation.
Jellyfin is a Free Software Media System for managing and streaming media. Rated high severity (CVSS 8.8), this vulnerab
In Jellyfin before 10.8, the /users endpoint has incorrect access control for admin functionality. Rated high severity (
Jellyfin is a free-software media system. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, lo
Jellyfin up to v10.7.7 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /Repositories. R
Jellyfin is a system for managing and streaming media. Rated high severity (CVSS 7.2), this vulnerability is remotely ex
Jellyfin is a Free Software Media System. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable,
Jellyfin is a free software media system that provides media from a dedicated server to end-user devices via multiple ap
jellyfin-web is the web client for Jellyfin, a free-software media system. Rated medium severity (CVSS 5.4), this vulner
In Jellyfin 10.8.x through 10.8.3, the name of a playlist is vulnerable to stored XSS. Rated medium severity (CVSS 5.4),
In Jellyfin 10.8.x through 10.8.3, the name of a collection is vulnerable to stored XSS. Rated medium severity (CVSS 5.4
In Jellyfin before 10.8, stored XSS allows theft of an admin access token. Rated medium severity (CVSS 5.4), this vulner
Arbitrary file read via ffmpeg argument injection in Jellyfin media server versions before 10.11.7 allows unauthenticate
Same weakness CWE-20 – Improper Input Validation
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-22764