GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
7 advisories
yt-dlp: Arbitrary command injection possible if --exec option used with yt-dlp
High
GHSA-69qj-pvh9-c5wg
was published
for
yt-dlp
(pip)
Jun 16, 2026
yt-dlp: Arbitrary code execution via manifest downloads with aria2c
High
CVE-2026-50574
was published
for
yt-dlp
(pip)
Jun 16, 2026
yt-dlp: Dangerous file type creation via insufficient filename sanitization (Bypass of CVE-2024-38519)
High
CVE-2026-50023
was published
for
yt-dlp
(pip)
Jun 16, 2026
yt-dlp: File Downloader cookie leak with curl
Moderate
CVE-2026-50019
was published
for
yt-dlp
(pip)
Jun 16, 2026
yt-dlp: Arbitrary Command Injection when using the `--netrc-cmd` option
High
CVE-2026-26331
was published
for
yt-dlp
(pip)
Feb 23, 2026
yt-dlp has dependency on potentially malicious third-party code in Douyu extractors
Low
GHSA-3v33-3wmw-3785
was published
for
yt-dlp
(pip)
Jul 8, 2024
yt-dlp File Downloader cookie leak
Moderate
CVE-2023-35934
was published
for
yt-dlp
(pip)
Jul 6, 2023
ProTip!
Advisories are also available from the
GraphQL API