Franklioxygen Mytube
7 CVEs affecting Franklioxygen Mytube. Latest disclosed: 2026-03-27. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-23837 | Critical | 9.8 | 2026-01-19 | MyTube is a self-hosted downloader and player for several video websites. A vulnerability present in version 1.7.65 and poetntially earlier versions allows una… |
CVE-2026-23848 | Medium | 6.5 | 2026-01-19 | MyTube is a self-hosted downloader and player for several video websites. Prior to version 1.7.71, a rate limiting bypass via `X-Forwarded-For` header spoofing… |
CVE-2026-24140 | Low | 2.7 | 2026-01-23 | MyTube is a self-hosted downloader and player for several video websites. Versions 1.7.78 and below have a Mass Assignment vulnerability in the settings manage… |
CVE-2026-33935 | | 2026-03-27 | MyTube is a self-hosted downloader and player for several video websites Prior to version 1.8.72, an unauthenticated attacker can lock out administrator and vi… | |
CVE-2026-33890 | | 2026-03-27 | MyTube is a self-hosted downloader and player for several video websites Prior to version 1.8.71, an unauthenticated attacker can register an arbitrary passkey… | |
CVE-2026-33735 | | 2026-03-27 | MyTube is a self-hosted downloader and player for several video websites Prior to version 1.8.69, an authorization bypass in the `/api/settings/import-database… | |
CVE-2026-24139 | | 2026-01-23 | MyTube is a self-hosted downloader and player for several video websites. Versions 1.7.78 and below do not safeguard against authorization bypass, allowing gue… |