CVE-2026-26975 is a critical vulnerability classified under CWE-73 (External Control of File Name or Path), CWE-22 (Path Traversal), and CWE-434 (Unrestricted Upload of File with Dangerous Type) affecting Music Assistant server versions prior to 2.7.0. Music Assistant is an open-source media library manager that integrates streaming services with connected speakers. The vulnerability resides in the music/playlists/update API endpoint, which is intended to allow playlist updates with files having the .m3u extension. However, the API fails to properly enforce this extension restriction, allowing attackers to bypass it and write files with arbitrary names and paths anywhere on the filesystem. This path traversal and file write capability is particularly dangerous because the server often runs inside a container with root privileges. An attacker can exploit this by writing a malicious .pth file into the Python site-packages directory. Python automatically executes code in .pth files during module loading, enabling arbitrary code execution without any authentication or user interaction. The attack vector is network-adjacent, meaning the attacker must have access to the same network segment but does not require credentials. The vulnerability has a CVSS v3.1 base score of 8.8, reflecting its high impact on confidentiality, integrity, and availability, combined with low attack complexity and no privileges or user interaction required. Although no known exploits are reported in the wild yet, the ease of exploitation and severity make this a critical risk. The issue was addressed in Music Assistant server version 2.7.0 by enforcing proper file extension validation and restricting file write paths. Organizations running vulnerable versions should prioritize upgrading and consider additional network and container security controls.

The impact of CVE-2026-26975 is severe for organizations using vulnerable Music Assistant server versions. Successful exploitation allows unauthenticated attackers to execute arbitrary code with root privileges inside the container, potentially leading to full system compromise. This can result in unauthorized access to sensitive media libraries, disruption of streaming services, lateral movement within internal networks, and deployment of persistent malware or ransomware. The compromise of media management infrastructure could also serve as a foothold for further attacks on connected IoT devices or enterprise networks. Given the container runs as root, the scope of damage extends beyond the application to the host system if container escape vulnerabilities exist. The vulnerability threatens confidentiality, integrity, and availability simultaneously, making it a critical risk for both private users and organizations relying on Music Assistant for media streaming and management. The lack of authentication and user interaction requirements increases the likelihood of exploitation in exposed network environments.

To mitigate CVE-2026-26975, organizations should immediately upgrade Music Assistant server to version 2.7.0 or later, where the vulnerability is fixed. Until upgrade is possible, restrict network access to the music/playlists/update API endpoint using firewalls or network segmentation to limit exposure to trusted users only. Run containers with least privilege principles by avoiding root user execution; configure containers to run as non-root users to reduce impact of potential exploits. Implement strict input validation and monitoring for unusual file write activities within the container filesystem. Employ runtime security tools to detect and block unauthorized file modifications, especially in Python site-packages directories. Regularly audit container configurations and update dependencies to minimize attack surface. Additionally, monitor logs for suspicious API calls that attempt to bypass file extension restrictions. Educate administrators about the risks of running containers as root and encourage adoption of security best practices for containerized applications.