Skip to main content

Sonarr

1 CVEs product

Monthly

CVE-2026-30975 HIGH PATCH This Week

Sonarr, a PVR application for Usenet and BitTorrent users, contains an authentication bypass vulnerability affecting installations configured with authentication disabled for local addresses. Attackers can exploit this flaw to gain unauthorized access to Sonarr instances when deployed without a properly configured reverse proxy that filters malicious headers. The vulnerability affects versions prior to 4.0.16.2942 (nightly/develop) and 4.0.16.2944 (stable/main), with patches now available from the vendor.

Authentication Bypass Sonarr
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.1%
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Sonarr, a PVR application for Usenet and BitTorrent users, contains an authentication bypass vulnerability affecting installations configured with authentication disabled for local addresses. Attackers can exploit this flaw to gain unauthorized access to Sonarr instances when deployed without a properly configured reverse proxy that filters malicious headers. The vulnerability affects versions prior to 4.0.16.2942 (nightly/develop) and 4.0.16.2944 (stable/main), with patches now available from the vendor.

Authentication Bypass Sonarr
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy