CVE-2025-69415

Published January 2nd, 2026

View on NVD ↗

CVSS v3

7.1

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

In Plex Media Server (PMS) through 1.42.2.10156, ability to access /myplex/account with a device token is not properly aligned with whether the device is currently associated with an account.

lufinkey/vulnerability-research

Collection of CVEs that i've discovered

GitHub