yt-dlp CVE-2025-54072 --exec Command Injection Bypass

github.com 2025-07-26查看中文 →

Security AdvisoryCVE-2025-54072Highyt-dlp

Affected:

yt-dlp < 2025.07.21

Fixed in:

2025.07.21

Referenced CVEs: CVE-2025-54072 · 7.5

文章内图片已隐藏以节省流量 · Upgrade to Pro to view images & offline archive

This content was auto-fetched from github.com, cleaned by our LLM pipeline, and translated to English. View original.

More from this source

CVE-2025-6958 Arbitrary File Deletion in pontedilana/php-weasyprint <= 2.5.1 2026-06-19 PHPWeasyPrint Arbitrary File Deletion Fix (Pre-Auth/Path Traversal) 2026-06-19 NI grpc-device Untrusted Pointer Dereference Leading to RCE (CVE-2026-48137) 2026-06-19 line-desktop-mcp Bearer Token Exposure and @mention Parsing Vulnerability Analysis 2026-06-19 LINE Desktop MCP Server Unauthenticated Access via Streamable HTTP (CVE-2026-8957) 2026-06-19

Offline Archive

Offline screenshot & PDF are Pro-exclusive