In late 2021, I uncovered a vulnerability within Floatplane. This flaw allowed unauthorized users without an active subscription to download videos from the Floatplane CDN freely.

Typically, when downloading videos from Floatplane, a JSON Web Token (JWT) is used as a signature to verify a user’s permission to download a file. However, I found that this signature wasn’t being checked, making downloading files without the JWT possible.
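As an added illustration (not Floatplane's code), here is the kind of check a download endpoint needs so that a token is actually verified rather than merely present; the secret key, claim names, and file ids are constructed assumptions:

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Constructed example, not Floatplane's implementation: a minimal HS256 JWT
# check for a CDN download endpoint. Key, claim names and file ids are assumed.
SECRET_KEY = b"constructed-example-key"

def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_token(file_id: str, ttl_seconds: int = 300, key: bytes = SECRET_KEY) -> str:
    """Mint a short-lived token granting one file (what the API hands a subscriber)."""
    header = _b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = {"file": file_id, "exp": int(time.time()) + ttl_seconds}
    payload = _b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url_encode(sig)}"

def authorize_download(token: Optional[str], file_id: str,
                       key: bytes = SECRET_KEY, now: Optional[float] = None) -> bool:
    """True only if the token is present, HS256-signed with `key`, unexpired,
    and grants exactly `file_id`. Skipping the signature step is the bug class
    described in the post: the token's claims would be trusted unverified."""
    if not token:
        return False
    parts = token.split(".")
    if len(parts) != 3:
        return False
    header_b64, payload_b64, sig_b64 = parts
    try:
        header = json.loads(_b64url_decode(header_b64))
        payload = json.loads(_b64url_decode(payload_b64))
        sig = _b64url_decode(sig_b64)
    except (ValueError, UnicodeDecodeError):
        return False
    if header.get("alg") != "HS256":  # refuse "none" or any unexpected algorithm
        return False
    expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):  # the verification that must not be skipped
        return False
    now = time.time() if now is None else now
    exp = payload.get("exp")
    if not isinstance(exp, int) or exp <= now:
        return False
    return payload.get("file") == file_id
```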

The Floatplane team’s response wasn’t immediate, but they eventually addressed and resolved the issue.

You can read more about it here:

© David Stephenson

Creative Commons by-nc-nd 4.0 International License