GHSA-F7J3-774F-RFHJ
Vulnerability from github – Published: 2026-06-16 20:16 – Updated: 2026-06-16 20:16
Summary
If curl is used as an external downloader for yt-dlp, cookies may be leaked to an unintended host upon an HTTP redirect, or when the host serving download fragments differs from the host of their parent manifest.
This is the equivalent of GHSA-v8mc-9377-rwjj (https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-v8mc-9377-rwjj) for the curl downloader. The vulnerable behavior is present in yt-dlp releases since 2023.09.24.
Details
At the file download stage, yt-dlp passes the cookies to the external downloader via --cookie. However, unless the cookies are loaded from a file, --cookie does not activate curl's cookie engine, so no domain or path scoping is applied. As a result, curl sends the cookies with requests to domains or paths for which the cookies are not scoped.
An example of a potential attack scenario exploiting this vulnerability:
1. An attacker has crafted a malicious website with an embedded URL designed to be detected by yt-dlp as a video download. This embedded URL has the domain of a trusted site for which the user has loaded cookies, and performs an unvalidated redirect (https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) to a target URL.
2. yt-dlp extracts this URL and calculates the applicable cookies, which are then passed to curl.
3. The download URL redirects to a server controlled by the attacker, to which curl forwards the user's sensitive cookie information.
Patches
yt-dlp version 2026.06.09 fixes this issue by doing the following:
- Pass the cookies through stdin via --cookie - if curl is version 7.59 or higher.
- Pass the cookies via --cookie /dev/fd/0 if the system supports this device file.
- In all other cases, create a temporary file, save the cookies to it, and then pass it via --cookie <file>.
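The following is an added example written for this page, not code from yt-dlp or curl. It contrasts the header-style --cookie value the Details section describes (no cookie engine, so no scoping) with a Netscape-format cookie jar, and implements the three-way selection the Patches section lists. All function and parameter names are this example's own; parse_curl_version assumes the usual "curl X.Y.Z (...)" first line of `curl --version`.

```python
import os
import tempfile
from typing import Iterable, List, Optional, Tuple

# Constructed cookie shape for this example:
# (domain, path, secure, expiry, name, value); a leading dot on the domain
# means the cookie also applies to subdomains.
Cookie = Tuple[str, str, bool, int, str, str]

def header_style_args(cookies: Iterable[Cookie]) -> List[str]:
    """The pre-fix shape as the advisory describes it: one 'name=value; ...'
    string. curl treats this as a literal Cookie header and does NOT enable
    its cookie engine, so the header goes out on every request, including
    cross-host redirects and fragment hosts that differ from the manifest."""
    return ["--cookie", "; ".join(f"{c[4]}={c[5]}" for c in cookies)]

def netscape_cookie_jar(cookies: Iterable[Cookie]) -> str:
    """Netscape cookie-file text. Loading cookies from a file (or stdin)
    enables curl's cookie engine, which honours domain and path scope."""
    lines = ["# Netscape HTTP Cookie File"]
    for domain, path, secure, expiry, name, value in cookies:
        subdomains = "TRUE" if domain.startswith(".") else "FALSE"
        lines.append("\t".join([domain, subdomains, path,
                                "TRUE" if secure else "FALSE",
                                str(expiry), name, value]))
    return "\n".join(lines) + "\n"

def parse_curl_version(version_output: str) -> Tuple[int, ...]:
    """Turn the first line of `curl --version`, e.g. 'curl 7.88.1 (...)',
    into a comparable tuple such as (7, 88, 1)."""
    parts = version_output.splitlines()[0].split()
    if len(parts) < 2 or parts[0] != "curl":
        raise ValueError("unrecognised curl version output")
    return tuple(int(p) for p in parts[1].split(".")[:3])

def file_style_args(curl_version: Tuple[int, ...], jar: str,
                    dev_fd_available: bool = os.path.exists("/dev/fd/0")
                    ) -> Tuple[List[str], Optional[str], Optional[str]]:
    """Return (argv fragment, data to feed on stdin, temp file path) following
    the three strategies the advisory lists: stdin on curl >= 7.59, /dev/fd/0
    where that device exists, otherwise a temporary file. The caller must
    delete the temp file once curl has exited."""
    if curl_version >= (7, 59):
        return ["--cookie", "-"], jar, None
    if dev_fd_available:
        return ["--cookie", "/dev/fd/0"], jar, None
    fd, path = tempfile.mkstemp(prefix="yt-dlp-cookies-", suffix=".txt")
    with os.fdopen(fd, "w") as fh:  # mkstemp creates the file owner-only
        fh.write(jar)
    return ["--cookie", path], None, path
```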
Workarounds
It is recommended to upgrade yt-dlp to version 2026.06.09 as soon as possible.
For users who are not able to upgrade:
- Do not use --downloader curl.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "yt-dlp"
},
"ranges": [
{
"events": [
{
"introduced": "2023.9.24"
},
{
"fixed": "2026.6.9"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-50019"
],
"database_specific": {
"cwe_ids": [
"CWE-200"
],
"github_reviewed": true,
"github_reviewed_at": "2026-06-16T20:16:56Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"id": "GHSA-f7j3-774f-rfhj",
"modified": "2026-06-16T20:16:56Z",
"published": "2026-06-16T20:16:56Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-f7j3-774f-rfhj"
},
{
"type": "WEB",
"url": "https://github.com/yt-dlp/yt-dlp/commit/2726572520238356bcf64aba2040228648b44c82"
},
{
"type": "PACKAGE",
"url": "https://github.com/yt-dlp/yt-dlp"
},
{
"type": "WEB",
"url": "https://github.com/yt-dlp/yt-dlp-nightly-builds/releases/tag/2026.06.09.230517"
},
{
"type": "WEB",
"url": "https://github.com/yt-dlp/yt-dlp/releases/tag/2026.06.09"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "yt-dlp: File Downloader cookie leak with curl "
}