Lemon8866 Streamvault vulnerabilities
2 known vulnerabilities affecting lemon8866/streamvault.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2025-57799P2HIGHCVSS 8.7fixed in 2508222025-09-01
CVE-2025-57799 [HIGH] CWE-78 CVE-2025-57799: StreamVault is a multi-platform video parsing and downloading tool. Prior to version 250822, after l
StreamVault is a multi-platform video parsing and downloading tool. Prior to version 250822, after logging into the StreamVault-system, an attacker can modify certain system parameters, construct malicious commands, execute command injection attacks against the system, and ultimately gain server privileges. Users of all versions of the StreamVault syst
nvd
CVE-2025-66203P3CRITICALCVSS 9.1fixed in 2511262025-12-27
CVE-2025-66203 [CRITICAL] CWE-78 CVE-2025-66203: StreamVault is a video download integration solution. Prior to version 251126, a Remote Code Executi
StreamVault is a video download integration solution. Prior to version 251126, a Remote Code Execution (RCE) vulnerability exists in the stream-vault application (SpiritApplication). The application allows administrators to configure yt-dlp arguments via the /admin/api/saveConfig endpoint without sufficient validation. These arguments are stored gl
nvd