Vulnerabilities > Emby > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-28 | CVE-2021-25827 | Authentication Bypass by Spoofing vulnerability in Emby Emby Server < 4.7.12.0 is vulnerable to a login bypass attack by setting the X-Forwarded-For header to a local IP-address. | 9.8 |
| 2023-05-30 | CVE-2023-33193 | HTTP Request Smuggling vulnerability in Emby Emby.Releases Emby Server is a user-installable home media server which stores and organizes a user's media files of virtually any format and makes them available for viewing at home and abroad on a broad range of client devices. | 9.1 |
| 2020-10-10 | CVE-2020-26948 | Server-Side Request Forgery (SSRF) vulnerability in Emby Emby Server before 4.5.0 allows SSRF via the Items/RemoteSearch/Image ImageURL parameter. | 9.8 |