{"vulnerability": "CVE-2025-43858", "sightings": [{"uuid": "ee202606-893a-4e45-9296-1ff59da37107", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43858", "type": "seen", "source": "https://t.me/cvedetector/23696", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-43858 - YouTubeDLSharp Windows Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-43858 \nPublished : April 24, 2025, 6:15 p.m. | 17\u00a0minutes ago \nDescription : YoutubeDLSharp is a wrapper for the command-line video downloaders youtube-dl and yt-dlp. In versions starting from 1.0.0-beta4 and prior to 1.1.2, an unsafe conversion of arguments allows the injection of a malicious commands when starting `yt-dlp` from a commands prompt running on Windows OS with the `UseWindowsEncodingWorkaround` value defined to true (default behavior). If a user is using built-in methods from the YoutubeDL.cs file, the value is true by default and a user cannot disable it from these methods. This issue has been patched in version 1.1.2. \nSeverity: 9.2 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-24T20:35:31.000000Z"}, {"uuid": "d62a37fd-d087-4b07-b4c4-f087dcd66a6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43858", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114394506142543507", "content": "", "creation_timestamp": "2025-04-24T19:07:20.639136Z"}, {"uuid": "9593ac30-100c-4a58-9bea-12154c9dc4c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43858", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnlg5qen6y2d", "content": "", "creation_timestamp": "2025-04-24T19:14:38.648082Z"}, {"uuid": "cbca1b67-b345-4c24-b0c6-aff83e56e5ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43858", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114394668305306998", "content": "", "creation_timestamp": "2025-04-24T19:48:34.454352Z"}]}