A vulnerability classified as critical has been found in jxxghp MoviePilot up to 2.13.3 . Impacted is an unknown function of the component Remote Cloud Storage API . The manipulation leads to path traversal. This vulnerability is documented as CVE-2026-11416 . The attack can be initiated remotely. There is not any exploit available. It is recommended to upgrade the affected component.