CVE-2026-28505 | Tautulli up to 2.16.x notification_handler.py str_eval code injection (GHSA-m62j-gwm9-7p8m)

A vulnerability classified as critical has been found in Tautulli up to 2.16.x. Affected by this vulnerability is the function str_eval of the file notification_handler.py. Performing a manipulation results in code injection.

This vulnerability is known as CVE-2026-28505. Remote exploitation of the attack is possible. No exploit is available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More