CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-29778

pyLoad is a free and open-source download manager written in Python. From version 0.5.0b3.dev13 to 0.5.0b3.dev96, the edit_package() function implements insufficient sanitization for the pack_folder parameter. The current protection relies on a single-pass string replacement of "../", which can be bypassed using crafted recursive traversal sequences. This issue has been patched in version 0.5.0b3.dev97.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 39.7%

CVSS Severity

CVSS v3 Score 7.1

References

https://github.com/pyload/pyload/security/advisories/GHSA-6px9-j4qr-xfjw

Products affected by CVE-2026-29778

Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev13

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev13
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev14

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev14
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev17

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev17
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev18

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev18
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev19

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev19
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev20

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev20
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev21

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev21
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev22

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev22
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev24

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev24
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev26

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev26
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev27

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev27
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev28

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev28
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev29

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev29
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev30

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev30
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev31

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev31
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev32

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev32
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev33

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev33
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev34

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev34
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev35

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev35
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev38

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev38
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev39

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev39
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev40

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev40
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev41

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev41
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev42

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev42
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev43

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev43
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev44

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev44
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev45

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev45
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev46

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev46
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev47

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev47
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev48

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev48
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev49

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev49
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev50

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev50
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev51

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev51
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev52

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev52
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev53

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev53
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev54

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev54
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev57

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev57
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev60

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev60
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev62

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev62
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev64

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev64
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev65

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev65
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev66

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev66
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev67

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev67
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev68

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev68
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev69

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev69
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev70

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev70
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev71

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev71
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev72

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev72
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev73

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev73
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev74

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev74
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev75

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev75
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev76

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev76
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev77

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev77
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev78

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev78
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev79

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev79
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev80

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev80
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev81

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev81
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev82

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev82
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev85

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev85
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev87

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev87
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev88

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev88
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev89

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev89
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev90

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev90
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev91

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev91
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev92

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev92
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev93

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev93
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev94

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev94
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev95

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev95
Pyload-Ng Project » Pyload-Ng » Version: 0.5.0b3.dev96

cpe:2.3:a:pyload-ng_project:pyload-ng:0.5.0b3.dev96

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-29778

Products

Pricing

Contact Us