91 matches found
EUVD-2026-38497
yt-dlp is a command-line audio/video downloader. From 2023.09.24 until 2026.06.09, if curl is used as an external downloader for yt-dlp, cookies may be leaked to an unintended host upon HTTP redirect or when the host for download fragments differs from their parent manifest's. At the file downloa...
CVE-2026-50574 yt-dlp: Arbitrary code execution via manifest downloads with aria2c
yt-dlp is a command-line audio/video downloader. Prior to 2026.06.09, if aria2c is used as an external downloader for a fragmented manifest format such as an HLS/DASH stream, yt-dlp passes insufficiently sanitized input to aria2c that allows an attacker to perform an arbitrary file write. On...
CVE-2026-50574
CVE-2026-50574 affects yt-dlp, where using aria2c as an external downloader for fragmented manifests (HLS/DASH) allows an attacker to write arbitrary files by passing insufficiently sanitized input to aria2c. On Windows, this can cause immediate arbitrary code execution; on non-Windows, execution...
GHSA-55HG-8QXV-QJ4P
creationtimestamp| type| source ---|---|--- 2026-06-09 23:41:37+00:00| seen| https://gist.github.com/alon710/8fd39736c139424c0b6f1dacb91f586a...
GHSA-833P-95JQ-929Q
creationtimestamp| type| source ---|---|--- 2026-06-09 23:11:25+00:00| seen| https://gist.github.com/alon710/c5822daca832e3ff7c46650aefcc77c9...
CVE-2026-34713
creationtimestamp| type| source ---|---|--- 2026-06-09 23:00:33+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnvcg34ysg2n...
CVE-2026-34711
creationtimestamp| type| source ---|---|--- 2026-06-09 23:00:19+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnvcflawlb2n 2026-06-10 02:03:22+00:00| seen| https://bsky.app/profile/hugovalters.bsky.social/post/3mnvmmyg4nr2a...
CVE-2026-47929
creationtimestamp| type| source ---|---|--- 2026-06-09 22:02:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnv76t5dy62y 2026-06-10 09:01:10+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnwdx7bjkc2n 2026-06-15 18:37:07+00:00| seen|...
CVE-2026-48291
creationtimestamp| type| source ---|---|--- 2026-06-09 22:00:50+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnv73bc46r2y...
CVE-2026-11824
creationtimestamp| type| source ---|---|--- 2026-06-09 21:46:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnv6c5utvl2h 2026-06-09 22:23:24+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mnvadonscf2q 2026-06-18 17:10:38+00:00| seen|...
CVE-2025-67862
creationtimestamp| type| source ---|---|--- 2026-06-09 17:45:01+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnuqrsjdj32e 2026-06-10 13:15:13+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mnws6ecbbi2y...
CVE-2026-8025
creationtimestamp| type| source ---|---|--- 2026-06-09 17:39:57+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnuqisenyh2x...
CVE-2026-49843
creationtimestamp| type| source ---|---|--- 2026-06-09 17:28:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnupugl5ma2v...
CVE-2026-49847
creationtimestamp| type| source ---|---|--- 2026-06-09 17:08:28+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnuoqjlq7b2s...
CVE-2026-42766
creationtimestamp| type| source ---|---|--- 2026-06-09 16:53:35+00:00| seen| https://mstdn.social/users/jschauma/statuses/116721189556088584 2026-06-10 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/openssl-multiple-vulnerabilities20260611 2026-06-16 16:20:37+00:00| seen|...
CVE-2026-35188
creationtimestamp| type| source ---|---|--- 2026-06-09 16:53:34+00:00| seen| https://mstdn.social/users/jschauma/statuses/116721189556088584 2026-06-10 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/openssl-multiple-vulnerabilities20260611...
CVE-2026-34182
creationtimestamp| type| source ---|---|--- 2026-06-09 16:53:34+00:00| seen| https://mstdn.social/users/jschauma/statuses/116721189556088584 2026-06-10 00:01:48+00:00| seen| https://bsky.app/profile/slackers.it/post/3mnvftkqgtb2f 2026-06-10 00:01:53+00:00| seen|...
CVE-2026-45644
creationtimestamp| type| source ---|---|--- 2026-06-09 16:12:18+00:00| seen| https://www.thezdi.com/blog/2026/6/9/the-june-2026-security-update-review 2026-06-09 16:23:58+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0184...
CVE-2026-26142
creationtimestamp| type| source ---|---|--- 2026-06-09 16:12:18+00:00| seen| https://www.thezdi.com/blog/2026/6/9/the-june-2026-security-update-review 2026-06-09 18:26:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnut4ve2hx2x...
CVE-2026-47284
creationtimestamp| type| source ---|---|--- 2026-06-09 16:12:18+00:00| seen| https://www.thezdi.com/blog/2026/6/9/the-june-2026-security-update-review 2026-06-09 16:23:58+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0184...