5 matches found
CVE-2025-66203
StreamVault is a video download integration solution. Prior to version 251126, a Remote Code Execution RCE vulnerability exists in the stream-vault application SpiritApplication. The application allows administrators to configure yt-dlp arguments via the /admin/api/saveConfig endpoint without...
CVE-2025-66203 StreamVault is Vulnerable to Authenticated Remote Code Execution (RCE) via ytdlpargs Configuration Injection
StreamVault is a video download integration solution. Prior to version 251126, a Remote Code Execution RCE vulnerability exists in the stream-vault application SpiritApplication. The application allows administrators to configure yt-dlp arguments via the /admin/api/saveConfig endpoint without...
CVE-2025-66203 StreamVault is Vulnerable to Authenticated Remote Code Execution (RCE) via ytdlpargs Configuration Injection
StreamVault is a video download integration solution. Prior to version 251126, a Remote Code Execution RCE vulnerability exists in the stream-vault application SpiritApplication. The application allows administrators to configure yt-dlp arguments via the /admin/api/saveConfig endpoint without...
CVE-2025-66203 StreamVault is Vulnerable to Authenticated Remote Code Execution (RCE) via ytdlpargs Configuration Injection
StreamVault is a video download integration solution. Prior to version 251126, a Remote Code Execution RCE vulnerability exists in the stream-vault application SpiritApplication. The application allows administrators to configure yt-dlp arguments via the /admin/api/saveConfig endpoint without...
PT-2025-53607
Name of the Vulnerable Software and Affected Versions StreamVault versions prior to 251126 Description StreamVault is a video download integration solution. A Remote Code Execution RCE issue exists in the stream-vault application SpiritApplication. The application does not properly validate...