Two File-Write Flaws in Self-Hosted Media Server Jellyfin (CVE-2026-48793 and More) — Update to v10.11.10
Jellyfin, a popular tool for streaming movies and music from a home server, has two flaws letting an attacker write files to places on the server they should not. They are CVE-2026-48793 and CVE-2026-49247, both rated CVSS 8.8. No administrator privileges are needed, and shared or internet-exposed servers are most at risk. Versions before 10.11.10 are affected; update to 10.11.10.

Makoto Horikawa
Backend Engineer / AWS / Django
Jellyfin, a popular tool for storing movies, music, and photos on your own server and streaming them to your devices, has been found to contain two vulnerabilities (software flaws) that let an attacker write files on the server. They are CVE-2026-48793 and CVE-2026-49247, both with a severity of 8.8 out of 10 (High).
The affected versions are those before 10.11.10. Both were reported by GitHub and disclosed on June 24, 2026. The fix is included in 10.11.10. One uses a maliciously named file and the other a regular user's login as the entry point to write files to places on the server they should not be able to. If you are on an older version, you need to update.
What kind of software is Jellyfin?
Jellyfin is a media server that stores movies, TV shows, music, and photos on your own PC or server and lets you watch them from a phone, TV, or browser. With no monthly fee and no tracking of user activity, it is developed as free open source, and it is popular with people who run a home server (homelab) as an alternative to the paid services Plex and Emby.
Because it is convenient, it is often shared with family and friends through shared accounts, or exposed to the internet so it can be watched away from home. In those cases, how safely it handles "low-privilege users" and "files placed from outside" matters. These two flaws are exactly in that area. Both are fixed in 10.11.10.
Who targets it, what they do, and what happens
The targets are servers where Jellyfin is shared among several people, hands out accounts to outsiders, or is exposed to the internet. What the attack needs is, for one flaw, a login at the level of a regular user, and for the other, the ability to place a maliciously named file into the library (the storage folder). The point to watch is that the conditions can be met without being an administrator.
What an attacker does is make the server, which should only be able to write to set locations, write a file with contents of their choosing to a different place. If they can place a crafted file in a targeted location, it could lead to configuration being rewritten or to malicious content being picked up and executed by other processing.
Because the writes happen with the privileges of the Jellyfin service, the server's configuration and data can come under the attacker's influence. A home server is often connected to other devices in the household, so even a small entry point raises the concern of damage spreading to other devices on the home network. Vulnerabilities that begin to be used in real attacks can be added to the U.S. agency CISA's "list of vulnerabilities under active attack"; we maintain a Japanese-language overview in our CISA KEV Dashboard (Japanese edition).
What the two vulnerabilities are
Both stem from "using a string handed in from outside directly to build a file location or a command." Their entry points differ.
CVE-2026-48793: command injection from a filename during subtitle conversion (CVSS 8.8)
According to the published information, in its subtitle conversion processing Jellyfin embedded the subtitle file path into the command for the video-conversion software FFmpeg without calling the path-normalizing step (NormalizePath). On Linux, including a double-quote (") in the filename breaks the command's quoting, letting an attacker inject FFmpeg commands of their own. This can lead to writing files to arbitrary locations and reading information (GHSA-wwwm-px48-fpvq).
CVE-2026-49247: out-of-path writes by abusing a logging endpoint (CVSS 8.8)
This flaw is in the endpoint that receives client logs (POST /ClientLog/Document). Jellyfin used the "Client" and "Version" fields contained in the credentials (the Authorization header) directly as the saved filename. When a regular user (no administrator needed) plants a "../" string—which moves up a directory level—in the "Client" field, they can escape the intended save location and write contents of their choosing to an arbitrary place (with the suffix forced to ".log"). Anywhere the Jellyfin service can reach could be written to (GHSA-jg92-mrxq-vv75).
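Both patterns described above (a path interpolated into a command string, and request fields joined straight into a filename) can be illustrated side by side with their hardened forms. This is an added example, not Jellyfin's code; the log directory, field allow-list and sample inputs are assumptions constructed for the demonstration.

```python
import os
import re
import shlex
from typing import List, Optional

# Assumed log directory for the demonstration; Jellyfin's real location is not taken from the page.
LOG_ROOT = "/var/lib/jellyfin/log"
# Assumed allow-list for the Client/Version fields: letters, digits, dot, underscore, space, dash.
SAFE_FIELD = re.compile(r"^[A-Za-z0-9._ -]{1,64}$")


def unsafe_client_log_path(client: str, version: str) -> str:
    """The vulnerable pattern: request header fields joined straight into the filename."""
    return os.path.join(LOG_ROOT, f"{client}-{version}.log")


def escapes_root(path: str, root: str = LOG_ROOT) -> bool:
    """True when the resolved path lands outside root, i.e. a '../' sequence escaped."""
    root = os.path.realpath(root)
    path = os.path.realpath(path)
    return os.path.commonpath([root, path]) != root


def safe_client_log_path(client: str, version: str) -> Optional[str]:
    """Hardened pattern: allow-list the fields, then verify containment anyway; None = reject."""
    if not (SAFE_FIELD.match(client) and SAFE_FIELD.match(version)):
        return None
    candidate = os.path.join(LOG_ROOT, f"{client}-{version}.log")
    return None if escapes_root(candidate) else os.path.realpath(candidate)


def unsafe_ffmpeg_command(subtitle_path: str) -> str:
    """The vulnerable pattern: a double quote inside the filename ends the quoted argument early."""
    return f'ffmpeg -i "{subtitle_path}" -f srt out.srt'


def shell_word_count(command: str) -> int:
    """How many words a POSIX shell would see; the intended command has exactly six."""
    return len(shlex.split(command))


def ffmpeg_argv(subtitle_path: str) -> List[str]:
    """Hardened pattern: an argument vector with no shell, so the path is always one argument."""
    return ["ffmpeg", "-i", subtitle_path, "-f", "srt", "out.srt"]


if __name__ == "__main__":
    # Constructed sample inputs, not taken from the advisories.
    print(escapes_root(unsafe_client_log_path("../../../../tmp/escaped", "1")))  # True
    print(safe_client_log_path("../../../../tmp/escaped", "1"))                  # None
    odd_name = 'intro" "extra.srt'
    print(shell_word_count(unsafe_ffmpeg_command(odd_name)))                      # 7, not 6
    print(len(ffmpeg_argv(odd_name)))                                             # 6
```

The containment check is the part to keep even when an allow-list exists: the allow-list can be loosened later, while `escapes_root` still refuses any resolved path outside the log directory.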
A quick reference of what is risky
The two have different entry points (preconditions). Both are fixed in 10.11.10.
| CVE | Attack precondition | What can happen |
|---|---|---|
| CVE-2026-48793 | Can place a maliciously named file in the library | FFmpeg command injection: file writes, info disclosure |
| CVE-2026-49247 | Can log in as a regular user | Arbitrary out-of-path file writes |
Neither requires administrator privileges, and the risk is higher for servers that are shared or exposed externally. Compared with a closed, family-only setup, take care if you hand accounts to outsiders or expose the server to the internet.
What to do now
The top priority is to update Jellyfin to 10.11.10 or later. Get the latest version from the official releases or your environment's packages. You can also check the current version on the admin dashboard.
If you cannot update immediately, these mitigations help: do not hand accounts to untrusted parties, and avoid library setups where outsiders can place files. If you expose Jellyfin directly to the internet, stop the exposure for now or limit connections to a range only trusted users can reach. Also inspect for any unfamiliar files or configuration changes. To be safe, consider reviewing the credentials stored on the server.
Summary
The two flaws found in Jellyfin (CVE-2026-48793 / CVE-2026-49247) both fail to safely handle strings handed in from outside, letting an attacker write files to places on the server they should not be able to. Both have a severity of CVSS 8.8, require no administrator privileges, affect versions before 10.11.10, and are fixed in 10.11.10.
A home server is often connected to other devices in the household, so even a small entry point tends to spread. If you share it among several people or expose it externally, first check your version and, if it is old, update now. If new vulnerabilities concerning Jellyfin emerge, we will track them by adding to this article.
References
- NVD - CVE-2026-48793 (FFmpeg command injection in subtitle conversion)
- NVD - CVE-2026-49247 (out-of-path write via ClientLog)
- GitHub Security Advisory - GHSA-wwwm-px48-fpvq (CVE-2026-48793)
- GitHub Security Advisory - GHSA-jg92-mrxq-vv75 (CVE-2026-49247)
- GitHub - jellyfin/jellyfin releases (10.11.10)
- Jellyfin official site (product overview)