Deluge-Torrent: >> Deluge >> 1.3.15 Security Vulnerabilities
Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Webseeds field. Attackers can paste a buffer of 5000 bytes into the Webseeds field during torrent creation to trigger an application crash.
CVSS Score
6.9
EPSS Score
0.0
Published
2026-03-22
Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the URL field. Attackers can paste a buffer of 5000 characters into the 'From URL' field during torrent addition to trigger an application crash.
CVSS Score
6.9
EPSS Score
0.0
Published
2026-03-22
The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user's browser session.
CVSS Score
6.1
EPSS Score
0.006
Published
2022-08-26