Product
emby
9 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-64113
CVE-2025-64325
CVE-2023-4167
CVE-2021-25828
CVE-2021-25827
CVE-2023-33193
CVE-2022-36223
CVE-2021-32833
CVE-2020-26948
< 4.9.1.90
Emby Server is a user-installable home media server. Versions below 4.9.1.81 allow an attacker to gain full administrative access
< 4.8.1.0
Emby Server is a personal media server. Prior to version 4.8.1.0 and prior to Beta version 4.9.0.0-beta, a malicious user can send
all versions
A vulnerability was found in Media Browser Emby Server 4.7.13.0 and classified as problematic. This issue affects some unknown pro
< 4.6.0.50
Emby Server versions < 4.6.0.50 is vulnerable to Cross Site Scripting (XSS) vulnerability via a crafted GET request to /web.
< 4.7.12.0
Emby Server < 4.7.12.0 is vulnerable to a login bypass attack by setting the X-Forwarded-For header to a local IP-address.
< 4.7.0.12
Emby Server is a user-installable home media server which stores and organizes a user's media files of virtually any format and ma
all versions
In Emby Server 4.6.7.0, the playlist name field is vulnerable to XSS stored where it is possible to steal the administrator access
<= 4.6.4.0
Emby Server is a personal media server with apps on many devices. In Emby Server on Windows there is a set of arbitrary file read
< 4.5.0
Emby Server before 4.5.0 allows SSRF via the Items/RemoteSearch/Image ImageURL parameter.