CVE-2025-69414

Plex Media Server (PMS) through 1.42.2.10156 allows retrieval of a permanent access token via a /myplex/account call with a transient access token.

More information : https://github.com/lufinkey/vulnerability-research/blob/main/CVE-2025-34158/README.md