CVE-2026-41457 | owntone owntone-server up to 29.0.x Expressions sql injection (EUVD-2026-24585)

A vulnerability labeled as critical has been found in owntone owntone-server up to 29.0.x. The affected element is an unknown function of the component Expressions Handler. Such manipulation leads to sql injection.

This vulnerability is referenced as CVE-2026-41457. It is possible to launch the attack remotely. No exploit is available.

The affected component should be upgraded.VulDB Recent EntriesRead More