Lucene search
K

5 matches found

OSV
OSV
added 2026/02/24 3:16 a.m.6 views

DEBIAN-CVE-2026-26331

yt-dlp is a command-line audio/video downloader. Starting in version 2023.06.21 and prior to version 2026.02.21, when yt-dlp's --netrc-cmd command-line option or netrccmd Python API parameter is used, an attacker could achieve arbitrary command injection on the user's system with a maliciously...

8.8CVSS5.6AI score0.01596EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2026/02/24 2:23 a.m.5 views

CVE-2026-26331

yt-dlp is a command-line audio/video downloader. Starting in version 2023.06.21 and prior to version 2026.02.21, when yt-dlp's --netrc-cmd command-line option or netrccmd Python API parameter is used, an attacker could achieve arbitrary command injection on the user's system with a maliciously...

8.8CVSS5.7AI score0.01596EPSS
Exploits2References4Affected Software1
CVE
CVE
added 2026/02/24 2:23 a.m.95 views

CVE-2026-26331

yt-dlp suffers an arbitrary command injection when using --netrc-cmd (or netrc_cmd) with a malicious URL. Affected versions are from 2023.06.21 up to, but not including, 2026.02.21; the fix in 2026.02.21 validates all netrc machine values and raises on unexpected input. The vulnerability can be e...

8.8CVSS5.6AI score0.01596EPSS
Exploits2References3Affected Software1
UbuntuCve
UbuntuCve
added 2026/02/24 12:0 a.m.5 views

CVE-2026-26331

yt-dlp is a command-line audio/video downloader. Starting in version 2023.06.21 and prior to version 2026.02.21, when yt-dlp's --netrc-cmd command-line option or netrccmd Python API parameter is used, an attacker could achieve arbitrary command injection on the user's system with a maliciously...

8.8CVSS5.8AI score0.01596EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2026/02/24 12:0 a.m.7 views

Fedora 45 : yt-dlp (2026-3d6da3d46f)

The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3d6da3d46f advisory. Automatic update for yt-dlp-2026.02.21-1.fc45. Changelog Tue Feb 24 2026 Maxwell G - 2026.02.21-1 - Update to 2026.02.21. Fixes rhbz2441709. - Mitigates...

8.8CVSS5.6AI score0.01596EPSS
Exploits2References2
Rows per page
Query Builder