this post was submitted on 22 May 2026
313 points (97.6% liked)
Selfhosted
59923 readers
817 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam.
-
Posts here are to be centered around self-hosting. Please ensure it is clear in your post how it relates to self-hosting.
-
Don't duplicate the full text of your blog or git here. Just post the link for folks to click.
-
Submission headline should match the article title.
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Exposed endpoints that have no authentication and various other things like that.
It's application level security issues.
If there is an older collation here https://github.com/jellyfin/jellyfin/issues/5415
thanks; for anyone looking, the issues have been split out at the bottom, none of them are addressed as of this writing. I don't know that I feel like they are that serious (most of them allow you to play things if you know an ID), but they are the kind of thing you'd see in a project where there are bigger security issues.