Vulnerability-Lookup

CVE-2026-26331 (GCVE-0-2026-26331)

Vulnerability from cvelistv5 – Published: 2026-02-24 02:23 – Updated: 2026-02-24 20:08

Title

yt-dlp: Arbitrary Command Injection when using the `--netrc-cmd` option

Summary

yt-dlp is a command-line audio/video downloader. Starting in version 2023.06.21 and prior to version 2026.02.21, when yt-dlp's `--netrc-cmd` command-line option (or `netrc_cmd` Python API parameter) is used, an attacker could achieve arbitrary command injection on the user's system with a maliciously crafted URL. yt-dlp maintainers assume the impact of this vulnerability to be high for anyone who uses `--netrc-cmd` in their command/configuration or `netrc_cmd` in their Python scripts. Even though the maliciously crafted URL itself will look very suspicious to many users, it would be trivial for a maliciously crafted webpage with an inconspicuous URL to covertly exploit this vulnerability via HTTP redirect. Users without `--netrc-cmd` in their arguments or `netrc_cmd` in their scripts are unaffected. No evidence has been found of this exploit being used in the wild. yt-dlp version 2026.02.21 fixes this issue by validating all netrc "machine" values and raising an error upon unexpected input. As a workaround, users who are unable to upgrade should avoid using the `--netrc-cmd` command-line option (or `netrc_cmd` Python API parameter), or they should at least not pass a placeholder (`{}`) in their `--netrc-cmd` argument.

Severity ?

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Assigner

GitHub_M

References

URL

Tags

	https://github.com/yt-dlp/yt-dlp/security/advisor…	x_refsource_CONFIRM
	https://github.com/yt-dlp/yt-dlp/commit/1fbbe29b9…	x_refsource_MISC
	https://github.com/yt-dlp/yt-dlp/releases/tag/202…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	yt-dlp	yt-dlp	Affected: >= 2023.06.21, < 2026.02.21

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-26331",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-24T20:08:27.991642Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-24T20:08:47.720Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "yt-dlp",
          "vendor": "yt-dlp",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 2023.06.21, \u003c 2026.02.21"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "yt-dlp is a command-line audio/video downloader. Starting in version 2023.06.21 and prior to version 2026.02.21, when yt-dlp\u0027s `--netrc-cmd` command-line option (or `netrc_cmd` Python API parameter) is used, an attacker could achieve arbitrary command injection on the user\u0027s system with a maliciously crafted URL. yt-dlp maintainers assume the impact of this vulnerability to be high for anyone who uses `--netrc-cmd` in their command/configuration or `netrc_cmd` in their Python scripts. Even though the maliciously crafted URL itself will look very suspicious to many users, it would be trivial for a maliciously crafted webpage with an inconspicuous URL to covertly exploit this vulnerability via HTTP redirect. Users without `--netrc-cmd` in their arguments or `netrc_cmd` in their scripts are unaffected. No evidence has been found of this exploit being used in the wild. yt-dlp version 2026.02.21 fixes this issue by validating all netrc \"machine\" values and raising an error upon unexpected input. As a workaround, users who are unable to upgrade should avoid using the `--netrc-cmd` command-line option (or `netrc_cmd` Python API parameter), or they should at least not pass a placeholder (`{}`) in their `--netrc-cmd` argument."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-24T02:23:40.858Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-g3gw-q23r-pgqm",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-g3gw-q23r-pgqm"
        },
        {
          "name": "https://github.com/yt-dlp/yt-dlp/commit/1fbbe29b99dc61375bf6d786f824d9fcf6ea9c1a",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/yt-dlp/yt-dlp/commit/1fbbe29b99dc61375bf6d786f824d9fcf6ea9c1a"
        },
        {
          "name": "https://github.com/yt-dlp/yt-dlp/releases/tag/2026.02.21",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/yt-dlp/yt-dlp/releases/tag/2026.02.21"
        }
      ],
      "source": {
        "advisory": "GHSA-g3gw-q23r-pgqm",
        "discovery": "UNKNOWN"
      },
      "title": "yt-dlp: Arbitrary Command Injection when using the `--netrc-cmd` option"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-26331",
    "datePublished": "2026-02-24T02:23:40.858Z",
    "dateReserved": "2026-02-13T16:27:51.810Z",
    "dateUpdated": "2026-02-24T20:08:47.720Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-26331\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-02-24T03:16:01.710\",\"lastModified\":\"2026-02-25T19:32:30.417\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"yt-dlp is a command-line audio/video downloader. Starting in version 2023.06.21 and prior to version 2026.02.21, when yt-dlp\u0027s `--netrc-cmd` command-line option (or `netrc_cmd` Python API parameter) is used, an attacker could achieve arbitrary command injection on the user\u0027s system with a maliciously crafted URL. yt-dlp maintainers assume the impact of this vulnerability to be high for anyone who uses `--netrc-cmd` in their command/configuration or `netrc_cmd` in their Python scripts. Even though the maliciously crafted URL itself will look very suspicious to many users, it would be trivial for a maliciously crafted webpage with an inconspicuous URL to covertly exploit this vulnerability via HTTP redirect. Users without `--netrc-cmd` in their arguments or `netrc_cmd` in their scripts are unaffected. No evidence has been found of this exploit being used in the wild. yt-dlp version 2026.02.21 fixes this issue by validating all netrc \\\"machine\\\" values and raising an error upon unexpected input. As a workaround, users who are unable to upgrade should avoid using the `--netrc-cmd` command-line option (or `netrc_cmd` Python API parameter), or they should at least not pass a placeholder (`{}`) in their `--netrc-cmd` argument.\"},{\"lang\":\"es\",\"value\":\"yt-dlp es un descargador de audio/v\u00eddeo de l\u00ednea de comandos. A partir de la versi\u00f3n 2023.06.21 y antes de la versi\u00f3n 2026.02.21, cuando se utiliza la opci\u00f3n de l\u00ednea de comandos \u0027--netrc-cmd\u0027 de yt-dlp (o el par\u00e1metro de API de Python \u0027netrc_cmd\u0027), un atacante podr\u00eda lograr una inyecci\u00f3n de comandos arbitraria en el sistema del usuario con una URL creada maliciosamente. Los encargados del mantenimiento de yt-dlp asumen que el impacto de esta vulnerabilidad es alto para cualquiera que use \u0027--netrc-cmd\u0027 en su comando/configuraci\u00f3n o \u0027netrc_cmd\u0027 en sus scripts de Python. Aunque la URL creada maliciosamente en s\u00ed parecer\u00e1 muy sospechosa para muchos usuarios, ser\u00eda trivial explotar encubiertamente esta vulnerabilidad a trav\u00e9s de una redirecci\u00f3n HTTP para una p\u00e1gina web creada maliciosamente con una URL discreta . Los usuarios sin \u0027--netrc-cmd\u0027 en sus argumentos o \u0027netrc_cmd\u0027 en sus scripts no se ven afectados. No se ha encontrado evidencia de que este exploit se est\u00e9 utilizando. La versi\u00f3n 2026.02.21 de yt-dlp soluciona este problema validando todos los valores de \u0027machine\u0027 de netrc y generando un error ante una entrada inesperada. Como soluci\u00f3n alternativa, los usuarios que no puedan actualizarse deben evitar usar la opci\u00f3n de l\u00ednea de comandos \u0027--netrc-cmd\u0027 (o el par\u00e1metro de API de Python \u0027netrc_cmd\u0027), o al menos no deben pasar un marcador de posici\u00f3n (\u0027{}\u0027) en su argumento \u0027--netrc-cmd\u0027.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:yt-dlp_project:yt-dlp:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023.06.21\",\"versionEndExcluding\":\"2026.02.21\",\"matchCriteriaId\":\"12B9D4B5-A1FA-4317-A911-DF469B09D3D5\"}]}]}],\"references\":[{\"url\":\"https://github.com/yt-dlp/yt-dlp/commit/1fbbe29b99dc61375bf6d786f824d9fcf6ea9c1a\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/yt-dlp/yt-dlp/releases/tag/2026.02.21\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\",\"Release Notes\"]},{\"url\":\"https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-g3gw-q23r-pgqm\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Mitigation\",\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-26331\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-02-24T20:08:27.991642Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-02-24T20:08:37.464Z\"}}], \"cna\": {\"title\": \"yt-dlp: Arbitrary Command Injection when using the `--netrc-cmd` option\", \"source\": {\"advisory\": \"GHSA-g3gw-q23r-pgqm\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"yt-dlp\", \"product\": \"yt-dlp\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 2023.06.21, \u003c 2026.02.21\"}]}], \"references\": [{\"url\": \"https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-g3gw-q23r-pgqm\", \"name\": \"https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-g3gw-q23r-pgqm\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/yt-dlp/yt-dlp/commit/1fbbe29b99dc61375bf6d786f824d9fcf6ea9c1a\", \"name\": \"https://github.com/yt-dlp/yt-dlp/commit/1fbbe29b99dc61375bf6d786f824d9fcf6ea9c1a\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/yt-dlp/yt-dlp/releases/tag/2026.02.21\", \"name\": \"https://github.com/yt-dlp/yt-dlp/releases/tag/2026.02.21\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"yt-dlp is a command-line audio/video downloader. Starting in version 2023.06.21 and prior to version 2026.02.21, when yt-dlp\u0027s `--netrc-cmd` command-line option (or `netrc_cmd` Python API parameter) is used, an attacker could achieve arbitrary command injection on the user\u0027s system with a maliciously crafted URL. yt-dlp maintainers assume the impact of this vulnerability to be high for anyone who uses `--netrc-cmd` in their command/configuration or `netrc_cmd` in their Python scripts. Even though the maliciously crafted URL itself will look very suspicious to many users, it would be trivial for a maliciously crafted webpage with an inconspicuous URL to covertly exploit this vulnerability via HTTP redirect. Users without `--netrc-cmd` in their arguments or `netrc_cmd` in their scripts are unaffected. No evidence has been found of this exploit being used in the wild. yt-dlp version 2026.02.21 fixes this issue by validating all netrc \\\"machine\\\" values and raising an error upon unexpected input. As a workaround, users who are unable to upgrade should avoid using the `--netrc-cmd` command-line option (or `netrc_cmd` Python API parameter), or they should at least not pass a placeholder (`{}`) in their `--netrc-cmd` argument.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-78\", \"description\": \"CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-02-24T02:23:40.858Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-26331\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-24T20:08:47.720Z\", \"dateReserved\": \"2026-02-13T16:27:51.810Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-02-24T02:23:40.858Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

GHSA-G3GW-Q23R-PGQM

Vulnerability from github – Published: 2026-02-23 22:13 – Updated: 2026-02-24 16:08

Summary

yt-dlp: Arbitrary Command Injection when using the `--netrc-cmd` option

Details

Summary

When yt-dlp's --netrc-cmd command-line option (or netrc_cmd Python API parameter) is used, an attacker could achieve arbitrary command injection on the user's system with a maliciously crafted URL.

Impact

yt-dlp maintainers assume the impact of this vulnerability to be high for anyone who uses --netrc-cmd in their command/configuration or netrc_cmd in their Python scripts. Even though the maliciously crafted URL itself will look very suspicious to many users, it would be trivial for a maliciously crafted webpage with an inconspicuous URL to covertly exploit this vulnerability via HTTP redirect. Users without --netrc-cmd in their arguments or netrc_cmd in their scripts are unaffected. No evidence has been found of this exploit being used in the wild.

Patches

yt-dlp version 2026.02.21 fixes this issue by validating all netrc "machine" values and raising an error upon unexpected input.

Workarounds

It is recommended to upgrade yt-dlp to version 2026.02.21 as soon as possible.

Users who are unable to upgrade should avoid using the --netrc-cmd command-line option (or netrc_cmd Python API parameter), or they should at least not pass a placeholder ({}) in their --netrc-cmd argument.

Details

yt-dlp's --netrc-cmd option can be used to run any arbitrary shell command to retrieve site login credentials so that the user doesn't have to store the credentials as plaintext in the filesystem. The --netrc-cmd argument is a shell command with an optional placeholder ({}). If the placeholder is present in the argument, it is replaced with the netrc "machine" value, which specifies the site for which login credentials are needed.

The netrc "machine" value is usually explicitly defined in yt-dlp's extractor code for a given site. However, yt-dlp has four extractors where the netrc "machine" value needs to be dynamically sourced from the site's hostname. And in three of those extractors (GetCourseRuIE, TeachableIE and TeachableCourseIE), wildcard matches are allowed for one or more subdomains of the hostname. This can result in a netrc "machine" value that contains special shell characters.

The --netrc-cmd argument is executed by a modified version of Python's subprocess.Popen with shell=True, which means that any special characters may be interpreted by the host shell, potentially leading to arbitrary command injection.

Here is an example of maliciously crafted URL input that exploits the vulnerability:

> yt-dlp --netrc-cmd "echo {}" "https://;echo pwned>&2;#.getcourse.ru/video"
[GetCourseRu] Executing command: echo getcourseru
WARNING: [GetCourseRu] Failed to parse .netrc: bad toplevel token 'getcourseru' (-, line 2)
[GetCourseRu] Extracting URL: https://;echo pwned>&2;#.getcourse.ru/video
[GetCourseRu] Executing command: echo ;echo pwned>&2;
pwned
[GetCourseRu] No authenticators for ;echo pwned>&2;
[GetCourseRu] video: Downloading webpage

Although only 3 of yt-dlp's extractors are directly susceptible to this attack, yt-dlp's "generic" extractor will follow HTTP redirects and try to match the resulting URL with one of the dedicated extractors. This means that any URL processed by the generic extractor could ultimately lead to a maliciously crafted URL that is matched by one of the vulnerable extractors. Hypothetically, an attacker could create a website with an inconspicuous URL and legitimate-looking media content that would serve an HTTP redirect to a maliciously crafted URL when it detects a request from yt-dlp.

References

https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-g3gw-q23r-pgqm
https://nvd.nist.gov/vuln/detail/CVE-2026-26331
https://github.com/yt-dlp/yt-dlp/releases/tag/2026.02.21
https://github.com/yt-dlp/yt-dlp/commit/1fbbe29b99dc61375bf6d786f824d9fcf6ea9c1a

Severity ?

8.8 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "yt-dlp"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2023.06.21"
            },
            {
              "fixed": "2026.02.21"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-26331"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-78"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-23T22:13:58Z",
    "nvd_published_at": "2026-02-24T03:16:01Z",
    "severity": "HIGH"
  },
  "details": "### Summary\nWhen yt-dlp\u0027s `--netrc-cmd` command-line option (or `netrc_cmd` Python API parameter) is used, an attacker could achieve arbitrary command injection on the user\u0027s system with a maliciously crafted URL.\n\n### Impact\nyt-dlp maintainers assume the impact of this vulnerability to be high for anyone who uses `--netrc-cmd` in their command/configuration or `netrc_cmd` in their Python scripts. Even though the maliciously crafted URL itself will look very suspicious to many users, it would be trivial for a maliciously crafted webpage with an inconspicuous URL to covertly exploit this vulnerability via HTTP redirect. Users without `--netrc-cmd` in their arguments or `netrc_cmd` in their scripts are unaffected. No evidence has been found of this exploit being used in the wild.\n\n### Patches\nyt-dlp version 2026.02.21 fixes this issue by validating all netrc \"machine\" values and raising an error upon unexpected input.\n\n### Workarounds\nIt is recommended to upgrade yt-dlp to version 2026.02.21 as soon as possible.\n\nUsers who are unable to upgrade should avoid using the `--netrc-cmd` command-line option (or `netrc_cmd` Python API parameter), or they should at least not pass a placeholder (`{}`) in their `--netrc-cmd` argument.\n\n### Details\nyt-dlp\u0027s `--netrc-cmd` option can be used to run any arbitrary shell command to retrieve site login credentials so that the user doesn\u0027t have to store the credentials as plaintext in the filesystem. The `--netrc-cmd` argument is a shell command with an optional placeholder (`{}`). If the placeholder is present in the argument, it is replaced with the netrc \"machine\" value, which specifies the site for which login credentials are needed.\n\nThe netrc \"machine\" value is usually explicitly defined in yt-dlp\u0027s extractor code for a given site. However, yt-dlp has four extractors where the netrc \"machine\" value needs to be dynamically sourced from the site\u0027s hostname. And in three of those extractors (`GetCourseRuIE`, `TeachableIE` and `TeachableCourseIE`), wildcard matches are allowed for one or more subdomains of the hostname. This can result in a netrc \"machine\" value that contains special shell characters.\n\nThe `--netrc-cmd` argument is executed by a modified version of Python\u0027s `subprocess.Popen` with `shell=True`, which means that any special characters may be interpreted by the host shell, potentially leading to arbitrary command injection.\n\nHere is an example of maliciously crafted URL input that exploits the vulnerability:\n\n```cmd\n\u003e yt-dlp --netrc-cmd \"echo {}\" \"https://;echo pwned\u003e\u00262;#.getcourse.ru/video\"\n[GetCourseRu] Executing command: echo getcourseru\nWARNING: [GetCourseRu] Failed to parse .netrc: bad toplevel token \u0027getcourseru\u0027 (-, line 2)\n[GetCourseRu] Extracting URL: https://;echo pwned\u003e\u00262;#.getcourse.ru/video\n[GetCourseRu] Executing command: echo ;echo pwned\u003e\u00262;\npwned\n[GetCourseRu] No authenticators for ;echo pwned\u003e\u00262;\n[GetCourseRu] video: Downloading webpage\n```\n\nAlthough only 3 of yt-dlp\u0027s extractors are directly susceptible to this attack, yt-dlp\u0027s \"generic\" extractor will follow HTTP redirects and try to match the resulting URL with one of the dedicated extractors. This means that any URL processed by the generic extractor could ultimately lead to a maliciously crafted URL that is matched by one of the vulnerable extractors. Hypothetically, an attacker could create a website with an inconspicuous URL and legitimate-looking media content that would serve an HTTP redirect to a maliciously crafted URL when it detects a request from yt-dlp.\n\n\n### References\n- https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-g3gw-q23r-pgqm\n- https://nvd.nist.gov/vuln/detail/CVE-2026-26331\n- https://github.com/yt-dlp/yt-dlp/releases/tag/2026.02.21\n- https://github.com/yt-dlp/yt-dlp/commit/1fbbe29b99dc61375bf6d786f824d9fcf6ea9c1a",
  "id": "GHSA-g3gw-q23r-pgqm",
  "modified": "2026-02-24T16:08:35Z",
  "published": "2026-02-23T22:13:58Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-g3gw-q23r-pgqm"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26331"
    },
    {
      "type": "WEB",
      "url": "https://github.com/yt-dlp/yt-dlp/commit/1fbbe29b99dc61375bf6d786f824d9fcf6ea9c1a"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/yt-dlp/yt-dlp"
    },
    {
      "type": "WEB",
      "url": "https://github.com/yt-dlp/yt-dlp/releases/tag/2026.02.21"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "yt-dlp: Arbitrary Command Injection when using the `--netrc-cmd` option"
}

FKIE_CVE-2026-26331

Vulnerability from fkie_nvd - Published: 2026-02-24 03:16 - Updated: 2026-02-25 19:32

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/yt-dlp/yt-dlp/commit/1fbbe29b99dc61375bf6d786f824d9fcf6ea9c1a	Patch
security-advisories@github.com	https://github.com/yt-dlp/yt-dlp/releases/tag/2026.02.21	Product, Release Notes
security-advisories@github.com	https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-g3gw-q23r-pgqm	Exploit, Mitigation, Vendor Advisory

Impacted products

	Vendor	Product	Version
	yt-dlp_project	yt-dlp	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:yt-dlp_project:yt-dlp:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12B9D4B5-A1FA-4317-A911-DF469B09D3D5",
              "versionEndExcluding": "2026.02.21",
              "versionStartIncluding": "2023.06.21",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "yt-dlp is a command-line audio/video downloader. Starting in version 2023.06.21 and prior to version 2026.02.21, when yt-dlp\u0027s `--netrc-cmd` command-line option (or `netrc_cmd` Python API parameter) is used, an attacker could achieve arbitrary command injection on the user\u0027s system with a maliciously crafted URL. yt-dlp maintainers assume the impact of this vulnerability to be high for anyone who uses `--netrc-cmd` in their command/configuration or `netrc_cmd` in their Python scripts. Even though the maliciously crafted URL itself will look very suspicious to many users, it would be trivial for a maliciously crafted webpage with an inconspicuous URL to covertly exploit this vulnerability via HTTP redirect. Users without `--netrc-cmd` in their arguments or `netrc_cmd` in their scripts are unaffected. No evidence has been found of this exploit being used in the wild. yt-dlp version 2026.02.21 fixes this issue by validating all netrc \"machine\" values and raising an error upon unexpected input. As a workaround, users who are unable to upgrade should avoid using the `--netrc-cmd` command-line option (or `netrc_cmd` Python API parameter), or they should at least not pass a placeholder (`{}`) in their `--netrc-cmd` argument."
    },
    {
      "lang": "es",
      "value": "yt-dlp es un descargador de audio/v\u00eddeo de l\u00ednea de comandos. A partir de la versi\u00f3n 2023.06.21 y antes de la versi\u00f3n 2026.02.21, cuando se utiliza la opci\u00f3n de l\u00ednea de comandos \u0027--netrc-cmd\u0027 de yt-dlp (o el par\u00e1metro de API de Python \u0027netrc_cmd\u0027), un atacante podr\u00eda lograr una inyecci\u00f3n de comandos arbitraria en el sistema del usuario con una URL creada maliciosamente. Los encargados del mantenimiento de yt-dlp asumen que el impacto de esta vulnerabilidad es alto para cualquiera que use \u0027--netrc-cmd\u0027 en su comando/configuraci\u00f3n o \u0027netrc_cmd\u0027 en sus scripts de Python. Aunque la URL creada maliciosamente en s\u00ed parecer\u00e1 muy sospechosa para muchos usuarios, ser\u00eda trivial explotar encubiertamente esta vulnerabilidad a trav\u00e9s de una redirecci\u00f3n HTTP para una p\u00e1gina web creada maliciosamente con una URL discreta . Los usuarios sin \u0027--netrc-cmd\u0027 en sus argumentos o \u0027netrc_cmd\u0027 en sus scripts no se ven afectados. No se ha encontrado evidencia de que este exploit se est\u00e9 utilizando. La versi\u00f3n 2026.02.21 de yt-dlp soluciona este problema validando todos los valores de \u0027machine\u0027 de netrc y generando un error ante una entrada inesperada. Como soluci\u00f3n alternativa, los usuarios que no puedan actualizarse deben evitar usar la opci\u00f3n de l\u00ednea de comandos \u0027--netrc-cmd\u0027 (o el par\u00e1metro de API de Python \u0027netrc_cmd\u0027), o al menos no deben pasar un marcador de posici\u00f3n (\u0027{}\u0027) en su argumento \u0027--netrc-cmd\u0027."
    }
  ],
  "id": "CVE-2026-26331",
  "lastModified": "2026-02-25T19:32:30.417",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-02-24T03:16:01.710",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/yt-dlp/yt-dlp/commit/1fbbe29b99dc61375bf6d786f824d9fcf6ea9c1a"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Product",
        "Release Notes"
      ],
      "url": "https://github.com/yt-dlp/yt-dlp/releases/tag/2026.02.21"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-g3gw-q23r-pgqm"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-26331 (GCVE-0-2026-26331)

GHSA-G3GW-Q23R-PGQM

Summary

Impact

Patches

Workarounds

Details

References

FKIE_CVE-2026-26331

Tags

Sightings

Nomenclature