9 matches found
Fedora 44 : yt-dlp (2026-937e768833)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-937e768833 advisory. - Update to 2026.02.21. Fixes rhbz2441709. - Mitigates CVE-2026-26331 / GHSA-g3gw-q23r-pgqm rhbz2442244 ---- Sat Feb 21 2026 Dominik 'Rathann'...
Fedora: Security Advisory (FEDORA-2026-7d3c7180c7)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux Distros Unpatched Vulnerability : CVE-2026-26331
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - yt-dlp is a command-line audio/video downloader. Starting in version 2023.06.21 and prior to version 2026.02.21, when yt-dlp's --netrc-cmd command-line option o...
Fedora: Security Advisory (FEDORA-2026-d86b88630b)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2026-26331 yt-dlp: Arbitrary Command Injection when using the `--netrc-cmd` option
yt-dlp is a command-line audio/video downloader. Starting in version 2023.06.21 and prior to version 2026.02.21, when yt-dlp's --netrc-cmd command-line option or netrccmd Python API parameter is used, an attacker could achieve arbitrary command injection on the user's system with a maliciously...
Fedora 45 : yt-dlp (2026-3d6da3d46f)
The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3d6da3d46f advisory. Automatic update for yt-dlp-2026.02.21-1.fc45. Changelog Tue Feb 24 2026 Maxwell G - 2026.02.21-1 - Update to 2026.02.21. Fixes rhbz2441709. - Mitigates...
amusing-app (>=0.2.0 <=0.4.2), arbi-tr-frontend (>=0.1.0 <=0.1.1) +125 more potentially affected by CVE-2026-26331 via yt-dlp (>=2023.6.22 <=2026.1.31)
yt-dlp PYPI version =2023.6.22, =0.2.0, =0.1.0, =1.1.5, =0.1.7, =1.0.0, =1.0.0, =0.1.0, =2024.3.25, =1.1.1, =0.0.2, =0.1.16, =0.4.3, =0.4.4 - depthflow =0.9.0.dev1 and more Source cves: CVE-2026-26331 Source advisory: OSV:GHSA-G3GW-Q23R-PGQM...
amusing-app (>=0.2.0 <=0.4.2), arbi-tr-frontend (>=0.1.0 <=0.1.1) +125 more potentially affected by CVE-2026-26331 via yt-dlp (>=2023.6.22 <=2026.1.31)
yt-dlp PYPI version =2023.6.22, =0.2.0, =0.1.0, =1.1.5, =0.1.7, =1.0.0, =1.0.0, =0.1.0, =2024.3.25, =1.1.1, =0.0.2, =0.1.16, =0.4.3, =0.4.4 - depthflow =0.9.0.dev1 and more Source cves: CVE-2026-26331 Source advisory: SNYK:PYTHON-YTDLP-15338139...
Exploit for CVE-2026-26331
No d...