📧 info@ciso.sa | 📱 +966550939344 | Riyadh, Kingdom of Saudi Arabia
About FAQ Contact Us Terms of Service Privacy Policy 🌐 العربية
🔐

Welcome — Sign in or create an account for full access.

🔑 Sign In ✨ Register
🌐 العربية Sign In Create Account
🔧 Scheduled Maintenance — Saturday 2:00-4:00 AM AST. Some features may be temporarily unavailable.    ●   
💎
Pro Plan 50% Off Unlock all AI features, unlimited reports, and priority support. Upgrade
Search Center
ESC to close
navigate open Ctrl+K search
CISO Consulting
Global vulnerability Higher Education CRITICAL 7h Global data_breach Government HIGH 8h Global supply_chain Software Development and Open Source Communities CRITICAL 8h Global malware Software Development CRITICAL 8h Global phishing Multiple Sectors HIGH 9h Global vulnerability Web Applications CRITICAL 9h Global apt Critical Infrastructure CRITICAL 9h Global ransomware Multiple sectors CRITICAL 10h Global supply_chain Software Development, IT Infrastructure, Technology CRITICAL 10h Global vulnerability,data_breach,general Technology, Industrial Control Systems, Telecommunications HIGH 11h Global vulnerability Higher Education CRITICAL 7h Global data_breach Government HIGH 8h Global supply_chain Software Development and Open Source Communities CRITICAL 8h Global malware Software Development CRITICAL 8h Global phishing Multiple Sectors HIGH 9h Global vulnerability Web Applications CRITICAL 9h Global apt Critical Infrastructure CRITICAL 9h Global ransomware Multiple sectors CRITICAL 10h Global supply_chain Software Development, IT Infrastructure, Technology CRITICAL 10h Global vulnerability,data_breach,general Technology, Industrial Control Systems, Telecommunications HIGH 11h Global vulnerability Higher Education CRITICAL 7h Global data_breach Government HIGH 8h Global supply_chain Software Development and Open Source Communities CRITICAL 8h Global malware Software Development CRITICAL 8h Global phishing Multiple Sectors HIGH 9h Global vulnerability Web Applications CRITICAL 9h Global apt Critical Infrastructure CRITICAL 9h Global ransomware Multiple sectors CRITICAL 10h Global supply_chain Software Development, IT Infrastructure, Technology CRITICAL 10h Global vulnerability,data_breach,general Technology, Industrial Control Systems, Telecommunications HIGH 11h
Vulnerabilities

CVE-2026-27707

High
Seerr is an open-source media request and discovery manager for Jellyfin, Plex, and Emby. Starting in version 2.0.0 and prior to version 3.1.0, an authentication guard logic flaw in `POST /api/v1/auth
CWE-288 — Weakness Type
Published: Feb 27, 2026  ·  Modified: Feb 28, 2026  ·  Source: NVD
CVSS v3
7.3
🔗 NVD Official
📄 Description (English)

Seerr is an open-source media request and discovery manager for Jellyfin, Plex, and Emby. Starting in version 2.0.0 and prior to version 3.1.0, an authentication guard logic flaw in `POST /api/v1/auth/jellyfin` allows an unauthenticated attacker to register a new Seerr account on any Plex-configured instance by authenticating with an attacker-controlled Jellyfin server. The attacker receives an authenticated session and can immediately use the application with default permissions, including the ability to submit media requests to Radarr/Sonarr. Any Seerr deployment where all three of the following are true may be vulnerable: `settings.main.mediaServerType` is set to `PLEX` (the most common deployment).; `settings.jellyfin.ip` is set to `""` (default, meaning Jellyfin was never configured); and `settings.main.newPlexLogin` is set to `true` (default). Jellyfin-configured and Emby-configured deployments are not affected. Version 3.1.0 of Seerr fixes this issue.

🤖 AI Executive Summary

Seerr versions 2.0.0 to 3.0.x contain an authentication bypass vulnerability in the Jellyfin authentication endpoint that allows unauthenticated attackers to register accounts on Plex-configured instances. Attackers can gain authenticated access with default permissions and submit unauthorized media requests to connected services.

📄 Description (Arabic)

تحتوي نسخ Seerr من 2.0.0 إلى 3.0.x على خلل في منطق حماية المصادقة في نقطة نهاية POST /api/v1/auth/jellyfin. يسمح هذا الخلل للمهاجمين بتجاوز المصادقة والتسجيل بحسابات جديدة على الخوادم المكونة مع Plex. يمكن للمهاجمين الوصول الفوري إلى التطبيق بأذونات افتراضية وتقديم طلبات وسائط إلى خدمات Radarr و Sonarr المتصلة.

🤖 ملخص تنفيذي (AI)

ثغرة تجاوز المصادقة في Seerr تسمح للمهاجمين غير المصرح لهم بتسجيل حسابات جديدة على خوادم Plex المكونة. يمكن للمهاجمين الحصول على جلسة مصادقة واستخدام التطبيق بأذونات افتراضية وتقديم طلبات وسائط غير مصرح بها.

🤖 AI Intelligence Analysis Analyzed: May 5, 2026 02:33
🇸🇦 Saudi Arabia Impact Assessment
Saudi Relevance: high
🏢 Affected Saudi Sectors
telecom government healthcare
🎯 MITRE ATT&CK Techniques
⚖️ Saudi Risk Score (AI)
7.0
/ 10.0
🔧 Remediation Steps (English)
Upgrade Seerr to version 3.1.0 or later immediately. If immediate upgrade is not possible, disable the Plex login functionality by setting settings.main.newPlexLogin to false or configure a valid Jellyfin server IP in settings.jellyfin.ip. Implement network-level access controls to restrict API endpoint access to trusted networks only.
🔧 خطوات المعالجة (العربية)
قم بترقية Seerr إلى الإصدار 3.1.0 أو أحدث فوراً. إذا لم يكن الترقية ممكنة، قم بتعطيل وظيفة تسجيل الدخول عبر Plex أو قم بتكوين عنوان IP صحيح لخادم Jellyfin. طبق عناصر تحكم على مستوى الشبكة لتقييد الوصول إلى نقاط النهاية.
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
5.1.1 5.1.2 5.2.1
🔵 SAMA CSF
AC-2 AC-3 IA-2
🟡 ISO 27001:2022
A.9.2.1 A.9.2.2 A.9.4.3
📊 CVSS Score
7.3
/ 10.0 — High
📊 CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Attack VectorN — None / Network
Attack ComplexityL — Low / Local
Privileges RequiredN — None / Network
User InteractionN — None / Network
ScopeU — Unchanged
ConfidentialityL — Low / Local
IntegrityL — Low / Local
AvailabilityL — Low / Local
📋 Quick Facts
Severity High
CVSS Score7.3
CWECWE-288
Exploit No
Patch ✓ Yes
Published 2026-02-27
Source Feed nvd
Views 5
🇸🇦 Saudi Risk Score
7.0
/ 10.0 — Saudi Risk
Priority: HIGH
🏷️ Tags
CWE-288
⚡ Actions
🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details
Share this CVE
LinkedIn X / Twitter WhatsApp Telegram

💬 Comments

0
Loading comments
📣 Found this valuable?
Share it with your cybersecurity network
in LinkedIn 𝕏 X / Twitter 💬 WhatsApp ✈ Telegram
🍪 Privacy Preferences
CISO Consulting — Compliant with Saudi Personal Data Protection Law (PDPL)
We use cookies and similar technologies to provide the best experience on our platform. You can choose which types you accept.
🔒
Essential Always On
Required for the website to function properly. Cannot be disabled.
📋 Sessions, CSRF tokens, authentication, language preferences
📊
Analytics
Help us understand how visitors use the site and improve performance.
📋 Page views, session duration, traffic sources, performance metrics
⚙️
Functional
Enable enhanced features like content personalization and preferences.
📋 Dark/light theme, font size, custom dashboards, saved filters
📣
Marketing
Used to deliver content and ads relevant to your interests.
📋 Campaign tracking, retargeting, social media analytics
Privacy Policy →
CISO AI Assistant
Ask anything · Documents · Support
🔐

Introduce Yourself

Enter your details to access the full assistant

Your info is private and never shared
💬
CyberAssist
Online · responds in seconds
5 / 5
🔐 Verify Your Identity

Enter your email to receive a verification code before submitting a support request.

Enter to send · / for commands 0 / 2000
CISO AI · Powered by Anthropic Claude
✦ Quick Survey Help Us Improve CISO Consulting Your feedback shapes the future of our platform — takes less than 2 minutes.
⚠ Please answer this question to continue

How would you rate your overall experience with our platform?

Rate from 1 (poor) to 5 (excellent)

🎉
Thank you!
Your response has been recorded.