PT-2025-30264 · Yt-Dlp+2
Gamer191
·
Published
2025-07-21
·
Updated
2025-10-14
·
CVE-2025-54072
CVSS v3.1
8.1
High
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
yt-dlp versions 2025.06.25 and below
@eslint/plugin-kit versions 0.3.3 and earlier
Description
yt-dlp is a command-line audio/video downloader. On Windows it is vulnerable to remote code execution when the --exec option is used with the default placeholder (a template with no placeholder, to which the filepath is appended) or with the {} placeholder. The expanded filepath is substituted into the command line without sufficient sanitization, so a filename containing cmd.exe metacharacters, which a remote party can influence through the downloaded item's metadata, is interpreted as shell syntax instead of as a literal argument. The earlier mitigation for CVE-2024-22423 did not cover the default placeholder and {} expansion.
Separately, @eslint/plugin-kit is affected by a Regular Expression Denial of Service (ReDoS) vulnerability.
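Added illustration of the yt-dlp issue described above. This is not yt-dlp's code and not the exact construction used in the fix: it shows the naive `{}` and append-to-end substitution the advisory describes next to a hardened renderer that quotes the path for a cmd.exe command line, plus a small splitter that approximates how cmd.exe breaks a line into separate commands so the difference can be checked offline. The sample path, the function names (`render_unsafe`, `render_safe`, `cmd_quote`, `split_cmd_commands`) and the quoting policy are assumptions made for this example.

```python
import re

# Constructed sample (not from the advisory): a remotely supplied title ends up
# in the on-disk filename. Windows forbids  " < > | : * ? / \  inside a file
# name, but allows & ^ ( ) % ! and spaces, all of which mean something to cmd.exe.
ATTACKER_PATH = r'C:\dl\lecture & calc.exe & rem .mp4'

# Characters cmd.exe expands before quote handling; double quotes do not protect
# them, so the hardened renderer refuses them rather than guessing.
UNQUOTABLE = re.compile(r'[%!\r\n]')

# A bare token made only of these characters needs no quoting at all.
SAFE_TOKEN = re.compile(r'[\w\-.:\\/]+', re.ASCII)


def render_unsafe(template: str, filepath: str) -> str:
    """Vulnerable pattern: the raw path is spliced into a shell=True command.

    Mirrors the behaviour the advisory describes, not yt-dlp's source: `{}` is
    replaced verbatim, and a template with no placeholder gets the path appended
    (the default-placeholder case).
    """
    if '{}' in template:
        return template.replace('{}', filepath)
    return f'{template} {filepath}'


def cmd_quote(arg: str) -> str:
    """Quote one argument for a cmd.exe command line (illustrative policy).

    Inside double quotes cmd.exe treats & | < > ^ ( ) as literal text. Embedded
    quotes are doubled so the quoted region cannot be closed early, and a run of
    backslashes directly before a quote or the end of the string is doubled so
    the C runtime does not read the last backslash as escaping the closing quote.
    Characters that are expanded before quoting (% !) are rejected: fail closed.
    """
    if UNQUOTABLE.search(arg):
        raise ValueError(f'refusing to pass unquotable characters to cmd.exe: {arg!r}')
    if SAFE_TOKEN.fullmatch(arg):
        return arg
    escaped = re.sub(r'(\\+)("|$)', r'\1\1\2', arg).replace('"', '""')
    return f'"{escaped}"'


def render_safe(template: str, filepath: str) -> str:
    """Hardened counterpart of render_unsafe: the path is quoted before splicing."""
    quoted = cmd_quote(filepath)
    if '{}' in template:
        return template.replace('{}', quoted)
    return f'{template} {quoted}'


def split_cmd_commands(line: str) -> list[str]:
    """Approximate how cmd.exe splits a line on & && | || outside double quotes.

    Enough to count how many commands a rendered line would run; it is not a
    full cmd.exe parser (no redirection, parenthesised blocks or variable
    expansion).
    """
    commands, current, quoted, i = [], [], False, 0
    while i < len(line):
        ch = line[i]
        if ch == '"':
            quoted = not quoted
            current.append(ch)
        elif not quoted and ch == '^' and i + 1 < len(line):
            current.append(line[i + 1])  # caret escapes the next character
            i += 1
        elif not quoted and ch in '&|':
            commands.append(''.join(current).strip())
            current = []
            if i + 1 < len(line) and line[i + 1] == ch:  # && or ||
                i += 1
        else:
            current.append(ch)
        i += 1
    commands.append(''.join(current).strip())
    return [c for c in commands if c]


if __name__ == '__main__':
    for name, render in (('unsafe', render_unsafe), ('safe', render_safe)):
        line = render('echo {}', ATTACKER_PATH)
        print(f'{name}: {line!r} -> {len(split_cmd_commands(line))} command(s)')
```

With the constructed path, the unsafe rendering of `echo {}` splits into three commands (`echo C:\dl\lecture`, `calc.exe`, `rem .mp4`), while the quoted rendering is a single `echo` with the whole path as its argument. The fail-closed rule for `%` and `!` is a deliberate simplification: those characters are expanded by cmd.exe before quotes are considered, and neutralising them needs environment-level tricks that this example does not attempt.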
Recommendations
yt-dlp versions 2025.06.25 and below: Upgrade to version 2025.07.21 or later.
@eslint/plugin-kit versions 0.3.3 and earlier: Upgrade to a release later than 0.3.3.
Exploit
Fix
RCE
DoS
OS Command Injection
Affected Products
Alt Linux
@Eslint/Plugin-Kit
Yt-Dlp