MEDIUM
Pyload
CVE published 2026-05-11
CVE-2026-44226
CVE-2026-44226 is an unauthenticated information-disclosure issue in pyLoad/pyload-ng WebUI. If the WebUI is reachable, an attacker can trigger an unhandled exception through the unauthenticated /web/<path:filename> route and receive full Python traceback details in the HTTP response. The issue is fixed in 0.5.0b3.dev100.