Audiobookshelf Mobile App

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-27974 MEDIUM PATCH This Month

Audiobookshelf Mobile App versions up to 0.12.0 is affected by cross-site scripting (xss) (CVSS 4.8).

XSS Audiobookshelf Mobile App
NVD GitHub
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-27973 MEDIUM PATCH This Month

Stored XSS in Audiobookshelf Mobile App prior to version 0.12.0-beta allows authenticated users with library modification privileges to inject malicious JavaScript through metadata, enabling arbitrary code execution within victim users' browsers and WebViews. Successful exploitation could lead to session hijacking, data theft, and unauthorized access to native device APIs. A patch is available in version 0.12.0-beta and later.

XSS Audiobookshelf Mobile App Audiobookshelf
NVD GitHub
CVSS 3.1
4.0
EPSS
0.0%
CVE-2026-27974
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

Audiobookshelf Mobile App versions up to 0.12.0 is affected by cross-site scripting (xss) (CVSS 4.8).

XSS Audiobookshelf Mobile App
NVD GitHub
CVE-2026-27973
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

Stored XSS in Audiobookshelf Mobile App prior to version 0.12.0-beta allows authenticated users with library modification privileges to inject malicious JavaScript through metadata, enabling arbitrary code execution within victim users' browsers and WebViews. Successful exploitation could lead to session hijacking, data theft, and unauthorized access to native device APIs. A patch is available in version 0.12.0-beta and later.

XSS Audiobookshelf Mobile App Audiobookshelf
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy