Is there a public PoC exploit available for CVE-2026-6218?

Yes, a public proof-of-concept exploit is available for CVE-2026-6218. Prioritise patching immediately. EPSS: 0.0%.

Ytdownloader CVE-2026-6218

Q: What is the CVSS score of CVE-2026-6218?

CVE-2026-6218 has a CVSS 4.0 base score of 5.3 (Medium). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-22089 MEDIUM

Cross-site Scripting (XSS) (CWE-79)

2026-04-13 VulDB

XSS Ytdownloader

5.3

CVSS 4.0 · NVD

Severity by source

NVD PRIMARY

5.3 MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Scope

Lifecycle Timeline

PoC Detected

Apr 22, 2026 - 20:23 vuln.today

Public exploit code

CVSS changed

Apr 13, 2026 - 21:22 NVD

4.3 (MEDIUM) 5.3 (MEDIUM)

EUVD ID Assigned

Apr 13, 2026 - 21:00 euvd

EUVD-2026-22089

CVE Published

Apr 13, 2026 - 20:30 nvd

MEDIUM 5.3

DescriptionCVE.org

A vulnerability was found in aandrew-me ytDownloader up to 3.20.2. Affected by this issue is the function createTextNode of the component Error Details Panel. The manipulation results in cross site scripting. The attack may be performed from remote. The vendor was contacted early about this disclosure.

Analysis

A vulnerability was found in aandrew-me ytDownloader up to 3.20.2. Affected by this issue is the function createTextNode of the component Error Details Panel. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-6218 vulnerability details – vuln.today

Back