Security: motioneye-project/motioneye
Security
No security policy detected
This project has not set up a SECURITY.md file yet.
Report a vulnerability-
Missing authentication on ActionHandler allows unauthenticated camera action executionGHSA-j67x-q29f-qcvv published
Jun 20, 2026 by MichaIngModerate -
Absolute Path Traversal in Media File Handlers Allows Arbitrary File ReadGHSA-rw9q-97r9-8gvh published
Jun 20, 2026 by MichaIngHigh -
Partial Authentication Bypass: Unauthenticated Admin Credential Theft via Path TraversalGHSA-phv5-334h-mxcw published
Jun 20, 2026 by MichaIngCritical -
World-Readable Configuration File Exposes Admin Password Hash in motionEyeGHSA-rhgp-6wq6-9j67 published
Jun 20, 2026 by MichaIngModerate -
motionEye: LFI → pass‑the‑hash admin → unsafe restore → unauth action exec (RCE)GHSA-qxvg-h7q2-hcxh published
Jun 20, 2026 by MichaIngCritical -
Arbitrary File Read via Path Traversal in Picture/Movie API EndpointsGHSA-g9fx-5r4h-pcw3 published
Jun 20, 2026 by MichaIngModerate -
Authentication possible via password hashGHSA-r3cw-c95m-wfh9 published
Jun 20, 2026 by MichaIngCritical -
RCE via unsanitized motion config parameter in motionEyeGHSA-j945-qm58-4gjx published
Nov 1, 2025 by MichaIngHigh -
RCE in add_camera Function Due to unsafe command executionGHSA-g5mq-prx7-c588 published
May 14, 2025 by MichaIngHigh
Learn more about advisories related to motioneye-project/motioneye in the GitHub Advisory Database