CVE-2026-26828 | owntone-server up to 3d1652d DAAP src/httpd_daap.c daap_reply_playlists null pointer dereference

Inserito da Angelo Barbosa | Mar 23, 2026 | CVE

A vulnerability described as problematic has been identified in owntone-server up to 3d1652d. The impacted element is the function daap_reply_playlists of the file src/httpd_daap.c of the component DAAP Handler. Executing a manipulation can lead to null pointer dereference.

This vulnerability is handled as CVE-2026-26828. The attack can be executed remotely. There is not any exploit available.

CVE-2026-26828 | owntone-server up to 3d1652d DAAP src/httpd_daap.c daap_reply_playlists null pointer dereference

Post correlati

CVE-2025-9233 | Scada-LTS up to 2.7.8.1 view_edit.shtm Name cross site scripting

CVE-2024-32388 | Kerlink KerOS up to 5.11 UDP Packet access control

CVE-2026-1587 | Open5GS up to 2.7.6 SGWC /sgwc/s11-handler.c sgwc_s11_handle_modify_bearer_request denial of service (Issue 4272)

CVE-2024-20718 | Adobe Commerce cross-site request forgery (apsb24-03)