27 matches found
DEBIAN-CVE-2026-50023
yt-dlp is a command-line audio/video downloader. Prior to 2026.06.09, a vulnerability exists in yt-dlp that allows a remote attacker to write arbitrary OS-shortcut files such as .desktop, .url, .webloc to the user's filesystem, bypassing the remediation for CVE-2024-38519. The allowlist explicitl...
CVE-2026-50574
yt-dlp is a command-line audio/video downloader. Prior to 2026.06.09, if aria2c is used as an external downloader for a fragmented manifest format such as an HLS/DASH stream, yt-dlp passes insufficiently sanitized input to aria2c that allows an attacker to perform an arbitrary file write. On...
CVE-2026-50019
yt-dlp is a command-line audio/video downloader. From 2023.09.24 until 2026.06.09, if curl is used as an external downloader for yt-dlp, cookies may be leaked to an unintended host upon HTTP redirect or when the host for download fragments differs from their parent manifest's. At the file downloa...
CVE-2026-50574
yt-dlp is a command-line audio/video downloader. Prior to 2026.06.09, if aria2c is used as an external downloader for a fragmented manifest format such as an HLS/DASH stream, yt-dlp passes insufficiently sanitized input to aria2c that allows an attacker to perform an arbitrary file write. On...
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Overview yt-dlp is an A youtube-dl fork with additional features and patches Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via insufficient sanitization of input passed to the aria2c external...
SUSE CVE-2026-26331
yt-dlp is a command-line audio/video downloader. Starting in version 2023.06.21 and prior to version 2026.02.21, when yt-dlp's --netrc-cmd command-line option or netrccmd Python API parameter is used, an attacker could achieve arbitrary command injection on the user's system with a maliciously...
CVE-2026-26331
yt-dlp is a command-line audio/video downloader. Starting in version 2023.06.21 and prior to version 2026.02.21, when yt-dlp's --netrc-cmd command-line option or netrccmd Python API parameter is used, an attacker could achieve arbitrary command injection on the user's system with a maliciously...
yt-dlp 操作系统命令注入漏洞
yt-dlp is a branch of youtube-dl based on the now-deprecated youtube-dlc. Versions of yt-dlp from 2023.06.21 to 2026.02.21 had an operating system command injection vulnerability. This vulnerability occurred when using the --netrc-cmd command-line option, which might allow command injection,...
Command Injection
Overview yt-dlp is an A youtube-dl fork with additional features and patches Affected versions of this package are vulnerable to Command Injection in the --netrc-cmd option and netrccmd API parameter, which invoke subprocess.Popen with shell=True. The GetCourseRuIE, TeachableIE, and...
amusing-app (>=0.2.0 <=0.4.2), arbi-tr-frontend (>=0.1.0 <=0.1.1) +125 more potentially affected by CVE-2026-26331 via yt-dlp (>=2023.6.22 <=2026.1.31)
yt-dlp PYPI version =2023.6.22, =0.2.0, =0.1.0, =1.1.5, =0.1.7, =1.0.0, =1.0.0, =0.1.0, =2024.3.25, =1.1.1, =0.0.2, =0.1.16, =0.4.3, =0.4.4 - depthflow =0.9.0.dev1 and more Source cves: CVE-2026-26331 Source advisory: SNYK:PYTHON-YTDLP-15338139...
EUVD-2023-2412
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-22423
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - yt-dlp is a youtube-dl fork with additional features and fixes. The patch that addressed CVE-2023-40581 attempted to prevent RCE when using --exec with %q by...
Remote Code Execution (RCE)
yt-dlp is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper handling of the --exec placeholder on Windows, allowing crafted file paths to execute arbitrary commands...
batata-lib (>=0.1.7 <=0.1.8), boosty-downloader (>=1.0.0 <=3.0.0) +76 more potentially affected by CVE-2025-54072 via yt-dlp (>=2025.10.14 <=2025.6.9)
yt-dlp PYPI version =2025.10.14, =0.1.7, =1.0.0, =0.0.2, =0.1.16, =0.4.3, =0.0.2.2, =0.1.0, =3.2.0, =3.4.2 and more Source cves: CVE-2025-54072 Source advisory: SNYK:PYTHON-YTDLP-10878169...
CVE-2025-54072 yt-dlp allows `--exec` command injection when using placeholder on Windows
yt-dlp is a feature-rich command-line audio/video downloader. In versions 2025.06.25 and below, when the --exec option is used on Windows with the default placeholder or , insufficient sanitization is applied to the expanded filepath, allowing for remote code execution. This is a bypass of the...
PT-2025-30264 · Eslint +1 · @Eslint/Plugin-Kit +1
Name of the Vulnerable Software and Affected Versions: yt-dlp versions 2025.06.25 and below Description: yt-dlp is a command-line audio/video downloader. A flaw exists where, on Windows, using the --exec option with the default placeholder or results in insufficient sanitization of the expanded...
Linux Distros Unpatched Vulnerability : CVE-2023-35934
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak...
The vulnerability of the yt-dlp download utility lies in its lack of measures to neutralize special elements used in the operating system’s command line, allowing a violator to execute arbitrary code.
The vulnerability of the YouTube-DLP download utility exists due to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
amusing-app (>=0.2.0 <=0.4.2), arbi-tr-frontend (>=0.1.0 <=0.1.1) +56 more potentially affected by unknown CVE via yt-dlp (>=2023.9.24 <=2024.7.25)
yt-dlp PYPI version =2023.9.24, =0.2.0, =0.1.0, =1.0.0, =0.1.0, =2024.3.25, =1.1.1, =0.0.1.2, =1.0.1.1, =0.3.0, =3.1.1, =0.1.0, =0.1.0, =0.1.1 - khan-dl =1.2.9 - kick-dl =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-3V33-3WMW-3785...
Path Traversal
yt-dlp is vulnerable to Path Traversal. The vulnerability is due to unrestricted file extensions of downloaded files resulting in arbitrary filenames and path traversal on Windows, which could allows an attacker to execute arbitrary code...