Known Vulnerabilities for Download From Files by Download-from-files

Listed below are 10 of the newest known vulnerabilities associated with "Download From Files" by "Download-from-files".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-57079 json Net::BitTorrent versions through 2.0.1 for Perl write files outside the download directory via path traversal in peer-supplie... Not Provided 2026-06-30 2026-06-30
CVE-2026-56448 json A path traversal vulnerability exists in AIL Framework before the release containing commit 0041456af25da0cdea1c1c4624e46baff... Not Provided 2026-06-22 2026-06-22
CVE-2026-55439 json Halo is an open source website building tool. Prior to 2.24.3, a path traversal vulnerability in the backup download endpoint... Not Provided 2026-06-25 2026-06-25
CVE-2026-55201 json Evil-WinRM through 3.9, fixed in commit 6ecd570, contains a path traversal vulnerability in the download_dir() function that ... Not Provided 2026-06-17 2026-06-18
CVE-2026-54093 json File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified... Not Provided 2026-06-25 2026-06-25
CVE-2026-53729 json DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, any authenticated user can download (/expo... Not Provided 2026-07-07 2026-07-08
CVE-2026-50023 json yt-dlp is a command-line audio/video downloader. Prior to 2026.06.09, a vulnerability exists in yt-dlp that allows a remote a... Not Provided 2026-06-23 2026-06-25
CVE-2026-49742 json Backend users with file download permissions were able to download files from the fallback storage of the file abstraction la... Not Provided 2026-06-09 2026-06-09
CVE-2026-48055 json Streambert is a cross-platform Electron Desktop App to stream and download any video media. In versions 2.4.0 and prior, a hi... Not Provided 2026-06-17 2026-06-17
CVE-2026-47782 json Android App "RoboForm Password Manager" provided by Siber Systems, Inc. handles Android intents without sufficient URL valida... Not Provided 2026-05-20 2026-05-21
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report