Special characters like [, ], # and so on makes files unreachable if private file handling is selected. Munging filenames correctly possibly solve this issue. (In the meantime in upload_file_munge() I forced to preg_replace() every special character)
Tested on 5.1 release.