
pyload

23 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-44226
< 2026-04-13
pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, pyload-ng WebUI returns full Python
5.3 MEDIUM
CVE-2026-41133
< 2026-04-13
pyLoad is a free and open-source download manager written in Python. Versions up to and including 0.5.0b3.dev97 cache role and `
8.8 HIGH
CVE-2026-40071
< 2026-04-13
pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev97, the /json/package_order, /json/link_o
5.4 MEDIUM
CVE-2026-35464
< 2026-04-02
pyLoad is a free and open-source download manager written in Python. The fix for CVE-2026-33509 added an ADMIN_ONLY_OPTIONS set to
7.5 HIGH
CVE-2026-33992
all versions
pyLoad is a free and open-source download manager written in Python. Prior to version 0.5.0b3.dev97, PyLoad's download engine acce
6.5 MEDIUM
CVE-2026-33511
<= 0.4.20
pyLoad is a free and open-source download manager written in Python. From version 0.4.20 to before version 0.5.0b3.dev97, the loca
9.8 CRITICAL
CVE-2026-33509
>= 0.4 and <= 0.4.20
pyLoad is a free and open-source download manager written in Python. From version 0.4.0 to before version 0.5.0b3.dev97, the set_c
7.5 HIGH
CVE-2026-32808
<= 0.4.20
pyLoad is a free and open-source download manager written in Python. Versions before 0.5.0b3.dev97 are vulnerable to path traversa
8.1 HIGH
CVE-2024-1240
all versions
An open redirection vulnerability exists in pyload/pyload version 0.5.0. The vulnerability is due to improper handling of the 'nex
6.1 MEDIUM
CVE-2024-47821
all versions
pyLoad is a free and open-source Download Manager. The folder /.pyload/scripts has scripts which are run when certain actions ar
9.1 CRITICAL
CVE-2024-32880
<= 0.5.0
pyload is an open-source Download Manager written in pure Python. An authenticated user can change the download folder and upload
9.1 CRITICAL
CVE-2024-24808
<= 0.5.0
pyLoad is an open-source Download Manager written in pure Python. There is an open redirect vulnerability due to incorrect validat
4.7 MEDIUM
CVE-2023-47890
all versions
pyLoad 0.5.0 is vulnerable to Unrestricted File Upload.
8.8 HIGH
CVE-2024-21645
<= 0.4.9
pyLoad is the free and open-source Download Manager written in pure Python. A log injection vulnerability was identified in `pyloa
5.3 MEDIUM
CVE-2024-21644
<= 0.4.9
pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can browse to a specific URL
7.5 HIGH
CVE-2023-0509
< 2023-01-25
Improper Certificate Validation in GitHub repository pyload/pyload prior to 0.5.0b3.dev44.
7.4 HIGH
CVE-2023-0488
< 2023-01-24
Cross-site Scripting (XSS) - Stored in GitHub repository pyload/pyload prior to 0.5.0b3.dev42.
5.4 MEDIUM
CVE-2023-0435
<= 0.4.20
Excessive Attack Surface in GitHub repository pyload/pyload prior to 0.5.0b3.dev41.
9.8 CRITICAL
CVE-2023-0434
<= 0.4.9
Improper Input Validation in GitHub repository pyload/pyload prior to 0.5.0b3.dev40.
7.5 HIGH
CVE-2023-0297
<= 0.4.20
Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31.
9.8 CRITICAL
CVE-2023-0227
< 2023-01-12
Insufficient Session Expiration in GitHub repository pyload/pyload prior to 0.5.0b3.dev36.
6.5 MEDIUM
CVE-2023-0057
< 2023-01-05
Improper Restriction of Rendered UI Layers or Frames in GitHub repository pyload/pyload prior to 0.5.0b3.dev33.
6.1 MEDIUM
CVE-2023-0055
all versions
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository pyload/pyload prior to 0.5.0b3.dev32.
5.3 MEDIUM
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin