A critical API vulnerability (CVE-2025-64113) has been identified in MediaBrowser.Server.Core, affecting Emby Server. This flaw allows an unauthenticated attacker to gain full administrative access to the Emby Server instance without any prior conditions or authentication. The vulnerability poses a significant risk, potentially leading to complete compromise of the media server and its hosted content, including user data and system configurations.