All 7 CVE vulnerabilities found in MyTube, with AI-generated Chinese analysis, references, and POCs.
Vendor: franklioxygen
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-33935 | MyTube has Unauthenticated Account Lockout via Shared Login Attempt State CWE-307 | - | - | 2026-03-27 |
| CVE-2026-33890 | MyTube has an Unauthenticated Admin Privilege Escalation via Passkey Registration CWE-284 | 9.8 | - | 2026-03-27 |
| CVE-2026-33735 | MyTube has an Improper Access Control that Allows Complete Application Takeover CWE-285 | 8.8 | - | 2026-03-27 |
| CVE-2026-24140 | MyTube has Mass Assignment via Settings Management CWE-915 | 2.7 | Low | 2026-01-23 |
| CVE-2026-24139 | MyTube Allows Unauthorized Database Export by Guest Users CWE-862 | 6.5 | - | 2026-01-23 |
| CVE-2026-23848 | MyTube has Rate Limiting Bypass via X-Forwarded-For Header Spoofing CWE-807 | 6.5 | Medium | 2026-01-19 |
| CVE-2026-23837 | MyTube has an Authorization Bypass vulnerability CWE-863 | 9.8 | Critical | 2026-01-19 |
All 7 known CVE vulnerabilities affecting MyTube with full Chinese analysis, references, and POCs where available.