CVE-2026-40491

gdown is a Google Drive public file/folder downloader. Versions prior to 5.2.2 are vulnerable to a Path Traversal attack within the extractall functionality. When extracting a maliciously crafted ZIP or TAR archive, the library fails to sanitize or validate the filenames of the archive members...

CVE-2026-40491

gdown is a Google Drive public file/folder downloader. Versions prior to 5.2.2 are vulnerable to a Path Traversal attack within the extractall functionality. When extracting a maliciously crafted ZIP or TAR archive, the library fails to sanitize or validate the filenames of the archive members...

UBUNTU-CVE-2026-40491

gdown is a Google Drive public file/folder downloader. Versions prior to 5.2.2 are vulnerable to a Path Traversal attack within the extractall functionality. When extracting a maliciously crafted ZIP or TAR archive, the library fails to sanitize or validate the filenames of the archive members...

Linux Distros Unpatched Vulnerability : CVE-2026-40491

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gdown is a Google Drive public file/folder downloader. Versions prior to 5.2.2 are vulnerable to a Path Traversal attack within the extractall functionality. Wh...

accutuning-helpers (>=1.0.32 <=1.0.33), adaptnlp (>=0.3.0 <=0.3.7) +239 more potentially affected by CVE-2026-40491 via gdown (>=3.11.0 <=5.2.1)

gdown PYPI version =3.11.0, =1.0.32, =0.3.0, =0.0.0, =0.2.0, =0.0.2, =1.14.0, =0.4.0, =0.1.1, =0.0.1, =1.2.14 and more Source cves: CVE-2026-40491 Source advisory: OSV:GHSA-76HW-P97H-883F...

CVE-2026-40491

creationtimestamp| type| source ---|---|--- 2026-04-12 06:08:33+00:00| published-proof-of-concept| https://github.com/wkentaro/gdown/security/advisories/GHSA-76hw-p97h-883f 2026-04-18 05:33:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjqpo5uccj26...