CVE-2026-50023 - yt-dlp: Dangerous file type creation via insufficient filename sanitization (Bypass of CVE-2024-38519)
CVE ID :CVE-2026-50023 Published : June 23, 2026, 4:08 p.m. | 5 hours, 2 minutes ago Description :yt-dlp is a command-line audio/video downloader. Prior to 2026.06.09, a vulnerability exists in yt-dlp that allows a remote attacker to write arbitrary OS-shortcut files (such as .desktop, .url,...