← Back ⬡ Vulnerabilities & CVEs Apr 21, 2026

CVE-2026-40594 | pyLoad up to 0.5.0b3.dev97 init.py set_session_cookie_secure origin validation (GHSA-mp82-fmj6-f22v)

VulDB Archived Apr 21, 2026 ! Full text unavailable

A vulnerability was found in pyLoad up to 0.5.0b3.dev97 . It has been classified as problematic . Affected by this vulnerability is the function set_session_cookie_secure of the file src/pyload/webui/app/__init__.py . Performing a manipulation results in origin validation error. This vulnerability is known as CVE-2026-40594 . Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is recommended.

Full text unavailable — view original

✦ AI Summary · Claude Sonnet

◉Full text unavailable.
Open original ↗

💬 Team Notes

CVE-2026-40594 | pyLoad up to 0.5.0b3.dev97 __init__.py set_session_cookie_secure origin validation (GHSA-mp82-fmj6-f22v)

CVE-2026-40594 | pyLoad up to 0.5.0b3.dev97 init.py set_session_cookie_secure origin validation (GHSA-mp82-fmj6-f22v)