| Reporter | Title | Published | Views | Family All 83 |
|---|---|---|---|---|
| CVE-2024-38519 | 2 Jul 202413:47 | – | alpinelinux | |
| CVE-2024-38519 | 5 Jul 202405:03 | – | circl | |
| CVE-2026-50023 | 9 Jun 202623:27 | – | circl | |
| yt-dlp Security Vulnerabilities | 2 Jul 202400:00 | – | cnnvd | |
| CVE-2024-38519 | 2 Jul 202413:47 | – | cve | |
| CVE-2026-50023 | 23 Jun 202616:08 | – | cve | |
| CVE-2026-50574 | 23 Jun 202616:09 | – | cve | |
| CVE-2024-38519 yt-dlp and youtube-dl vulnerable to file system modification and RCE through improper file-extension sanitization | 2 Jul 202413:47 | – | cvelist | |
| CVE-2026-50023 yt-dlp: Dangerous file type creation via insufficient filename sanitization (Bypass of CVE-2024-38519) | 23 Jun 202616:08 | – | cvelist | |
| CVE-2026-50574 yt-dlp: Arbitrary code execution via manifest downloads with aria2c | 23 Jun 202616:09 | – | cvelist |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(321527);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/07/03");
script_cve_id("CVE-2026-50023", "CVE-2026-50574");
script_xref(name:"IAVB", value:"2026-B-0168");
script_name(english:"Python Library yt-dlp < 2026.6.9 Multiple Vulnerabilities");
script_set_attribute(attribute:"synopsis", value:
"A Python library installed on the remote host is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The detected version of the yt-dlp Python package is prior to 2026.6.9. It is, therefore, affected by multiple
vulnerabilities:
- A vulnerability exists in yt-dlp that allows a remote attacker to write arbitrary OS-shortcut files (such
as .desktop, .url, .webloc) to the user's filesystem, bypassing the remediation for CVE-2024-38519.
(CVE-2026-50023)
- If aria2c is used as an external downloader for a fragmented manifest format (such as an HLS/DASH stream),
yt-dlp passes insufficiently sanitized input to aria2c that allows an attacker to perform an arbitrary file
write. On Windows platforms, this can lead to immediate arbitrary code execution. On non-Windows platforms,
this can lead to arbitrary code execution upon the next invocation of yt-dlp. (CVE-2026-50574)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported
version number.");
script_set_attribute(attribute:"see_also", value:"https://advisories.gitlab.com/pypi/yt-dlp/CVE-2026-50023/");
script_set_attribute(attribute:"see_also", value:"https://advisories.gitlab.com/pypi/yt-dlp/CVE-2026-50574/");
script_set_attribute(attribute:"solution", value:
"Upgrade to yt-dlp version 2026.6.9 or later.");
script_set_attribute(attribute:"agent", value:"all");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2026-50574");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2026/06/16");
script_set_attribute(attribute:"patch_publication_date", value:"2026/06/10");
script_set_attribute(attribute:"plugin_publication_date", value:"2026/06/19");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"asset_categories", value:"component");
script_set_attribute(attribute:"cpe", value:"cpe:/a:yt-dlp_project:yt-dlp");
script_set_attribute(attribute:"stig_severity", value:"I");
script_set_attribute(attribute:"thorough_tests", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Misc.");
script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("python_packages_installed_nix.nbin", "python_packages_win_installed.nbin");
script_require_ports("Host/nix/Python/Packages/Enumerated", "Host/win/Python/Packages/Enumerated");
exit(0);
}
include('python.inc');
var pkg = 'yt-dlp';
var libs = python::get_package_info(pkg_name:pkg, cpe:"cpe:/a:yt-dlp_project:yt-dlp");
if (empty_or_null(libs))
audit(AUDIT_NOT_INST, pkg);
vcf::check_all_backporting(app_info:libs);
var constraints = [
{ 'fixed_version' : '2026.6.9' }
];
vcf::check_version_and_report(
app_info:libs,
constraints:constraints,
severity:SECURITY_HOLE
);
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation