Improper Authorization Vulnerability in jxxghp MoviePilot Application API
CVE-2026-16224

5.3MEDIUM

Key Information:

Vendor

JxxgHP

Vendor
CVE Published:
19 July 2026

What is CVE-2026-16224?

A significant security vulnerability has been detected in the jxxghp MoviePilot Application API, specifically within an unknown function of the file /jxxghp/MoviePilot. This vulnerability poses a risk of improper authorization, enabling potential attackers to exploit the system remotely. Users are strongly urged to apply the recommended patch identified by the hash dc2b6910a423b3bfadeffaa303e1ba75cfb33900 to mitigate the risks associated with this issue. Staying updated with security patches is essential to safeguard sensitive user data and maintain overall application integrity.

Affected Version(s)

MoviePilot 2.13.0

MoviePilot 2.13.1

MoviePilot 2.13.2

References

CVSS V4

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

geochen (VulDB User)
.