Download Latest Version
Tautulli v2.17.0 source code.tar.gz (14.7 MB)
Get an email when there's a new version of Tautulli
| Name | Modified | Size | Downloads / Week |
|---|---|---|---|
| Parent folder | |||
| Tautulli-windows-v2.17.0-x64.exe | 2026-03-28 | 32.0 MB | |
| Tautulli-macos-v2.17.0-universal.pkg | 2026-03-28 | 43.0 MB | |
| README.md | 2026-03-28 | 2.0 kB | |
| Tautulli v2.17.0 source code.tar.gz | 2026-03-28 | 14.7 MB | |
| Tautulli v2.17.0 source code.zip | 2026-03-28 | 16.3 MB | |
| Totals: 5 Items | 106.0 MB | 2 | |
Changelog
v2.17.0 (2026-03-27)
- Important Note!
- Several security vulnerabilities have been identified in Tautulli versions <=2.16.1. Users are strongly encouraged to update to the latest Tautulli version 2.17.x.
- Notifications:
- Fix: Prevent RCE in notification text evaluation. (CVE-2026-28505) (Thanks @q1uf3ng)
- Newsletters:
- Fix: Media from other video libraries using the modern Plex agents not showing up on newsletter.
- Fix: Unauthenticated path traversal in /newsletter/image/images endpoint. (CVE-2026-31831) (Thanks @JakePeralta7)
- Exporter:
- Fix: Logo images incorrectly exported as jpg instead of png.
- New: Added ability to export square art images.
- New: Added ability to export theme music. (#2654)
- Graphs:
- Fix: History modal not opening when clicking on graphs. (#2652)
- API:
- Fix: SQL injection in get_home_stats API command. (CVE-2026-31799) (Thanks @mandreko)
- Fix: Unsanitized JSONP callback parameter. (CVE-2026-32275) (Thanks @mandreko)
- New: Added rating to get_home_stats API command. (#2655) (Thanks @jma1ice)
- Removed: get_apikey API command.
- Other:
- Fix: Validate log path for Plex log files. (#2632)
- Fix: Add authentication to /pms_image_proxy endpoint. (CVE-2026-31804) (Thanks @mandreko)
- New: Updated third party donation logos. (#2646) (Thanks @aisgbnok)
- New: Update Bootstrap CSS to v3.4.1 and decouple overrides (#2662) (Thanks @aisgbnok)
- New: Update Bootstrap-select to v1.13.18 (#2666) (Thanks @aisgbnok)
🛡 VirusTotal GitHub Action analysis:
