pyload-ng vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2025-54802Criticalpyload-ng: pyLoad CNL Blueprint allows Path Traversal through `dlc_path` which leads to Remote Code Execution…GHSA-3WWM-HJV7-23R3Mediumpyload-ng: Pyload log Injection via API /json/add_package in add_name parameterCVE-2025-54140Highpyload-ng: `pyLoad` has Path Traversal Vulnerability in `json/upload` Endpoint that allows Arbitrary File WriteCVE-2025-53890Criticalpyload-ng: pyLoad vulnerable to XSS through insecure CAPTCHA CVE-2025-7346Highpyload-ng: pyLoad is vulnerable to attacks that bypass localhost restrictions, enabling the creation of…CVE-2024-47821Highpyload-ng: pyLoad vulnerable to remote code execution by download to /.pyload/scripts using /flashgot APICVE-2024-39205Criticalpyload-ng: pyload-ng vulnerable to RCE with js2py sandbox escapeCVE-2024-32880Criticalpyload-ng: pyLoad allows upload to arbitrary folder lead to RCECVE-2024-24808Mediumpyload-ng: pyLoad open redirect vulnerability due to improper validation of the is_safe_url functionCVE-2024-22416Criticalpyload-ng: Cross-Site Request Forgery on any API call in pyLoad may lead to admin privilege escalationCVE-2024-21644Highpyload-ng: pyload Unauthenticated Flask Configuration Leakage vulnerabilityCVE-2024-21645Mediumpyload-ng: pyload Log Injection vulnerabilityCVE-2023-47890Highpyload-ng: Download to arbitrary folder can lead to RCECVE-2023-0509Highpyload-ng: Improper Certificate Validation in pyload-ngCVE-2023-0488Mediumpyload-ng: Cross-site Scripting in pyload-ngCVE-2023-0435Criticalpyload-ng: Excessive Attack Surface in pyload-ngCVE-2023-0434Mediumpyload-ng: Improper Input Validation in pyload-ngCVE-2023-0297Criticalpyload-ng: Code Injection in pyload-ngCVE-2023-0227Mediumpyload-ng: Pyload Insufficient Session Expiration vulnerabilityCVE-2023-0057Mediumpyload-ng: pyLoad vulnerable to Improper Restriction of Rendered UI Layers or FramesCVE-2023-0055Mediumpyload-ng: Pyload contains Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

Stop the waste.
Protect your environment with Kodem.