PT-2025-34216 · Plex · Plex Media Server
Luis Finke
·
Published
2025-08-21
·
Updated
2026-02-27
·
CVE-2025-34158
CVSS v3.1
8.5
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Plex Media Server versions 1.41.7.x through 1.42.0.x
Description
Plex Media Server (PMS) versions 1.41.7.x through 1.42.0.x are affected by an unspecified security vulnerability reported through Plex’s bug bounty program. Over 300,000 instances remain vulnerable to remote exploitation. The vulnerability has a maximum CVSS score, indicating a critical severity.
Recommendations
Update Plex Media Server to version 1.42.1.10060+ to resolve this issue.
Exploit
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Plex Media Server