| CVE-2026-42312 |
medium |
6.8 |
6.8 |
|
|
|
17d ago |
pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the set_config_value() API method (@permission(Perms.SETTINGS)) in src/pyload/core/api/__init__.py gates … |
| CVE-2026-45306 |
medium |
6.5 |
6.5 |
|
|
|
14d ago |
pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the fix for CVE-2026-33509 prevents setting storage_folder inside PKGDIR or userdir, but does NOT protect… |
| CVE-2026-42315 |
medium |
6.5 |
6.5 |
|
|
|
17d ago |
pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, when passing a folder name in the set_package_data() API function call inside the data object with key "_… |
| CVE-2026-42314 |
medium |
6.5 |
6.5 |
|
|
|
17d ago |
pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, package folder names are sanitized using insufficient string replacement. The pattern ....// becomes .._ … |
| CVE-2026-44226 |
medium |
5.3 |
5.3 |
|
|
|
17d ago |
PyLoad vulnerable to unauthenticated traceback disclosure via global exception handler in WebUI |
| CVE-2026-46561 |
medium |
5.0 |
5.0 |
|
|
|
7d ago |
pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the PREREQFUNCTION-based private IP check was not applied to HTTPRequest (used by the parse_urls API). An… |