CVE-2025-57155 — CVSS 7.5 (high): NULL pointer dereference in the daap_reply_groups function in src/httpd_daap.c in owntone-server through commit 5e6f19a (newer commit after…
CVE-2025-57156 — CVSS 7.5 (high): NULL pointer dereference in the dacp_reply_playqueueedit_clear function in src/httpd_dacp.c in owntone-server through commit 6d604a1 (newer…
CVE-2025-63647 — CVSS 7.5 (high): A NULL pointer dereference in the parse_meta function (src/httpd_daap.c) of owntone-server commit 334beb allows attackers to cause a Denial…
CVE-2025-63648 — CVSS 7.5 (high): A NULL pointer dereference in the dacp_reply_playqueueedit_move function (src/httpd_dacp.c) of owntone-server commit b7e385f allows…