CVE-2026-26975 is a high-severity vulnerability affecting Music Assistant server versions 2.6.3 and below. Music Assistant is an open-source media library manager that integrates streaming services with connected speakers. The vulnerability stems from an external control of file name or path (CWE-73) combined with directory traversal (CWE-22) and unrestricted file upload (CWE-434) in the music/playlists/update API endpoint. This API fails to enforce the .m3u file extension restriction, allowing attackers to write arbitrary files anywhere on the filesystem. Since the server often runs inside a container with root privileges, an attacker can write a malicious .pth file into the Python site-packages directory. Python automatically executes code in .pth files upon interpreter startup, enabling remote code execution (RCE) without authentication or user interaction. The CVSS v3.1 score is 8.8 (high), reflecting the ease of exploitation over a network with no privileges required and the severe impact on confidentiality, integrity, and availability. No known exploits are currently reported in the wild. The vulnerability was published on February 20, 2026, and fixed in Music Assistant version 2.7.0.

The vulnerability allows attackers to execute arbitrary code remotely on affected Music Assistant servers, potentially leading to full system compromise. Because the container runs as root, attackers gain root-level access, enabling them to steal sensitive data, disrupt media services, pivot to other internal systems, or deploy ransomware and other malware. The breach of confidentiality, integrity, and availability can severely impact organizations relying on Music Assistant for media management, especially those integrating streaming services and connected speakers in enterprise or home environments. The ease of exploitation without authentication or user interaction increases the risk of widespread attacks. Organizations may face operational downtime, data breaches, and reputational damage if exploited.

1. Immediately upgrade all Music Assistant server installations to version 2.7.0 or later, where the vulnerability is patched. 2. If upgrading is not immediately possible, restrict network access to the music/playlists/update API endpoint to trusted users and networks only. 3. Run the Music Assistant container with the least privileges possible; avoid running as root to limit the impact of potential exploits. 4. Implement file system monitoring to detect unauthorized creation or modification of .pth files in Python site-packages directories. 5. Employ network segmentation and firewall rules to limit exposure of vulnerable services to untrusted networks. 6. Regularly audit container configurations and update dependencies to minimize attack surface. 7. Monitor security advisories and threat intelligence feeds for any emerging exploit attempts targeting this vulnerability.