Authentication Bypass in Emby Server by Emby
CVE-2025-64113

9.3CRITICAL

Key Information:

Vendor: Embysupport
Status: Security
Vendor: CVE Published:; 9 December 2025

🔔 Create Embysupport Vulnerability Alert

What is CVE-2025-64113?

Emby Server is a popular home media server that allows users to manage and stream their personal media libraries. In versions prior to 4.9.1.81, a vulnerability exists that enables attackers to exploit a critical authentication bypass flaw, granting them full administrative access to the server. This access does not necessitate specific preconditions apart from having network access to the server. The issue has been resolved in version 4.9.1.81, and it's vital for users to update promptly to maintain the security of their media environment.

Affected Version(s)

security < 4.9.1.81

References

https://github.com/EmbySupport/Emby.Security/security/adv...

x_refsource_CONFIRM

CVSS V4

Score:

9.3

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 9, 2025
Vulnerability Reserved
Oct 27, 2025

JSON