Owntone Owntone-server
2 CVEs affecting Owntone Owntone-server. Latest disclosed: 2026-04-22. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-41458 | | 2026-04-22 | OwnTone Server versions 28.4 through 29.0 contain a race condition vulnerability in the DAAP login handler that allows unauthenticated attackers to crash the s… | |
CVE-2026-41457 | | 2026-04-22 | OwnTone Server versions 28.4 through 29.0 contain a SQL injection vulnerability in DAAP query and filter handling that allows attackers to inject arbitrary SQL… |