CNNVD-202601-4282 Information

CNNVD ID

CNNVD-202601-4282

Related CVE

CVE-2026-24139

• CNNVD Published: 2026-01-24

Description (Chinese)

MyTube是Peifan Li个人开发者的一个视频自托管下载器和播放器。 MyTube 1.7.78及之前版本存在安全漏洞，该漏洞源于数据库导出端点权限验证不当，可能导致低权限用户访问敏感数据。

Description (English)

MyTube is a video self-hosted downloader and player for Peifan Li personal developer. There is a security loophole in MyTube 1.7.78 and earlier versions, which stems from the inappropriate validation of end-point export permissions in the database and may lead to access to sensitive data by low-licensed users.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2026-01-24

Last Modified

2026-02-24

References

https://github.com/franklioxygen/MyTube/security/advisories/GHSA-hhc3-8q8c-89q7 https://github.com/franklioxygen/MyTube/commit/e271775e27d51b26e54731b7b874447f47a1f280 https://access.redhat.com/security/cve/cve-2026-24139

Patch

https://github.com/franklioxygen/MyTube/tags