3 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-50574
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - yt-dlp is a command-line audio/video downloader. Prior to 2026.06.09, if aria2c is used as an external downloader for a fragmented manifest format such as an...
CVE-2026-26331
A flaw was found in yt-dlp, a command-line audio/video downloader. When the --netrc-cmd command-line option is enabled, a remote attacker can exploit a maliciously crafted URL to achieve arbitrary command injection. This allows the attacker to execute unauthorized commands on the user's system,...
yt-dlp 操作系统命令注入漏洞
yt-dlp is the youtube-dl branch of yt-dlp based on the now inactive youtube-dlc. An operating system command injection vulnerability exists in yt-dlp version 2025.06.25 and earlier, which stems from insufficient path cleanup in the --exec option file, and could lead to remote code execution...