ejurgensen

8 exploits, active since Aug 2021
CVE-2026-41457 WRITEUP MEDIUM
OwnTone Server < 29.1 SQL Injection via query and filter Parameters
OwnTone Server versions 28.4 through 29.0 contain a SQL injection vulnerability in DAAP query and filter handling that allows attackers to inject arbitrary SQL expressions by supplying malicious values through the query= and filter= parameters for integer-mapped DAAP fields. Attackers can exploit insufficient sanitization of these parameters to bypass filters and gain unauthorized access to media library data.
CVE-2026-26828 WRITEUP HIGH
OwnTone Server - NULL Pointer Dereference
A NULL pointer dereference in the daap_reply_playlists function (src/httpd_daap.c) of owntone-server commit 3d1652d allows attackers to cause a Denial of Service (DoS) via sending a crafted DAAP request to the server.
CVSS 7.5
CVE-2026-26829 WRITEUP HIGH
owntone-server - DoS
A NULL pointer dereference in the safe_atou64 function (src/misc.c) of owntone-server through commit c4d57aa allows attackers to cause a Denial of Service (DoS) via sending a series of crafted HTTP requests to the server.
CVSS 7.5
CVE-2021-38383 WRITEUP CRITICAL
OwnTone <28.1 - Use After Free
OwnTone (aka owntone-server) through 28.1 has a use-after-free in net_bind() in misc.c.
CVSS 9.8
CVE-2025-57155 WRITEUP HIGH
Owntone Server < 28.2 - NULL Pointer Dereference
NULL pointer dereference in the daap_reply_groups function in src/httpd_daap.c in owntone-server through commit 5e6f19a (newer commit after version 28.2) allows remote attackers to cause a Denial of Service.
CVSS 7.5
CVE-2025-57156 WRITEUP HIGH
Owntone Server < 28.12 - NULL Pointer Dereference
NULL pointer dereference in the dacp_reply_playqueueedit_clear function in src/httpd_dacp.c in owntone-server through commit 6d604a1 (newer commit after version 28.12) allows remote attackers to cause a Denial of Service (crash).
CVSS 7.5
CVE-2025-63647 WRITEUP HIGH
owntone-server <commit 334beb - DoS
A NULL pointer dereference in the parse_meta function (src/httpd_daap.c) of owntone-server commit 334beb allows attackers to cause a Denial of Service (DoS) via sending a crafted DAAP request to the server.
CVSS 7.5
CVE-2025-63648 WRITEUP HIGH
owntone-server <b7e385f - DoS
A NULL pointer dereference in the dacp_reply_playqueueedit_move function (src/httpd_dacp.c) of owntone-server commit b7e385f allows attackers to cause a Denial of Service (DoS) via sending a crafted DACP request to the server.
CVSS 7.5