CVE-2025-7346
Any unauthenticated attacker can bypass the localhost restrictions posed by the application and utilize this to create arbitrary packages
| Software | From | Fixed in |
|---|---|---|
pyload-ng
|
- | 0.5.0b3.dev88.x |
- https://github.com/pyload/pyload/blob/4159a1191ec4fe6d927e57a9c4bb8f54e16c381d/src/pyload/webui/app/blueprints/cnl_blueprint.py#L21-L36
- https://github.com/pyload/pyload/blob/4159a1191ec4fe6d927e57a9c4bb8f54e16c381d/src/pyload/webui/app/blueprints/cnl_blueprint.py#L56-L58C11
- https://github.com/pyload/pyload/commit/f4e2d12416ba2dfac7b036d5c8d6dab5461b9840
- https://github.com/pyload/pyload/security/advisories/GHSA-x698-5hjm-w2m5
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime