Plex has notified some of its users on Thursday to urgently update their media servers due to a recently patched security vulnerability.
The company has yet to assign a CVE-ID to track the flaw and didn’t provide additional details regarding the patch, only saying that it impacts Plex Media Server versions 1.41.7.x to 1.42.0.x.
From what I’ve gathered in other posts regarding Plex and jellyfin, the ones that never learned how to port forward or any other alternative solution for getting external traffic to their internal server. All the complaints I’ve read here regarding jellyfin boiled down to them relying on the Plex relay to handle the traffic for them.