CVE-2026-49338 | sentriz gonic up to 0.20.x Subsonic API deletePlaylist.view improper authorization (GHSA-hmgp-w9jm-vp95 / EUVD-2026-38067)
A vulnerability was found in sentriz gonic up to 0.20.x and classified as critical. This vulnerability affects unknown code of the file /rest/deletePlaylist.view of the component Subsonic API. The manipulation results in improper authorization.
This vulnerability is cataloged as CVE-2026-49338. The attack may be launched remotely. There is no exploit available.
It is suggested to upgrade the affected component.