Security: seerr-team/seerr
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
Missing authentication on pushSubscription endpointsGHSA-gx3h-3jg5-q65f published
Feb 27, 2026 by fallenbagelModerate -
Broken Object-Level Authorization in User Profile Endpoint Exposes Third-Party Notification CredentialsGHSA-f7xw-jcqr-57hp published
Feb 27, 2026 by fallenbagelModerate -
Unauthenticated account registration on Plex-configured Seerr instances via Jellyfin authentication endpointGHSA-rc4w-7m3r-c2f7 published
Feb 27, 2026 by fallenbagelHigh