Description
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.0, the str_eval() function in notification_handler.py implements a sandboxed eval() for notification text templates. The sandbox attempts to restrict callable names by inspecting code.co_names of the compiled code object. However, co_names only contains names from the outer code object. When a lambda expression is used, it creates a nested code object whose attribute accesses are stored in code.co_consts, NOT in code.co_names. The sandbox never inspects nested code objects. This issue has been patched in version 2.17.0.
Published: 2026-03-30
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

A flaw in the notification rendering logic allows malicious code to be executed when a notification template is processed. The sandboxed evaluation function mistakenly trusts the outer code object’s &quot;co_names&quot; and ignores nested lambda expressions, letting an attacker inject arbitrary Python statements that bypass the whitelist. Running such code would give the attacker full control of the host system.

Affected Systems

All installations of the monitoring tool that run Tautulli versions older than 2.17.0 are affected; the issue was addressed in the 2.17.0 release.

Risk and Exploitability

The severity score of 7.5 reflects a high-risk vulnerability, while the probability of exploitation is very low, with an EPSS score below 1%. The flaw is not listed in CISA’s known exploited vulnerabilities catalog. Based on the description, it is inferred that the attack requires the ability to create or modify a notification template containing malicious code, after which the code is executed during rendering, granting the attacker full system compromise.

Generated by OpenCVE AI on April 2, 2026 at 23:05 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Tautulli to version 2.17.0 or later.

Generated by OpenCVE AI on April 2, 2026 at 23:05 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:tautulli:tautulli:*:*:*:*:*:*:*:*
Metrics cvssV3_1

{'score': 10.0, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H'}

Wed, 01 Apr 2026 02:15:00 +0000

Type Values Removed Values Added
First Time appeared Tautulli
Tautulli tautulli
Vendors & Products Tautulli
Tautulli tautulli

Tue, 31 Mar 2026 03:00:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 30 Mar 2026 19:45:00 +0000

Type Values Removed Values Added
Description Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.0, the str_eval() function in notification_handler.py implements a sandboxed eval() for notification text templates. The sandbox attempts to restrict callable names by inspecting code.co_names of the compiled code object. However, co_names only contains names from the outer code object. When a lambda expression is used, it creates a nested code object whose attribute accesses are stored in code.co_consts, NOT in code.co_names. The sandbox never inspects nested code objects. This issue has been patched in version 2.17.0.
Title Tautulli: RCE via eval() sandbox bypass using lambda nested scope to escape co_names whitelist check
Weaknesses CWE-94
CWE-95
References
Metrics cvssV4_0

{'score': 7.5, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Tautulli Tautulli
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-30T20:13:28.905Z

Reserved: 2026-02-27T20:57:47.709Z

Link: CVE-2026-28505

cve-icon Vulnrichment

Updated: 2026-03-30T20:13:23.609Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-30T20:16:20.180

Modified: 2026-04-02T16:55:37.280

Link: CVE-2026-28505

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-03T09:38:05Z

Weaknesses