28 matches found
CVE-2026-40265
Note Mark is an open-source note-taking application. In versions 0.19.1 and prior, the asset download endpoint at /api/notes/noteID/assets/assetID is registered without authentication middleware, and the backend query does not verify ownership or book visibility. An unauthenticated user who knows...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization via the asset download process. An attacker can access the full contents of private note assets by sending unauthenticated requests to the /api/notes/noteID/assets/assetID endpoint when valid note and asset IDs are...
Note Mark 安全漏洞
Note Mark is a web-based Markdown note-taking application developed by Leo Spratt. Versions of Note Mark prior to 0.19.1 contained a security vulnerability. This vulnerability stemmed from the asset download endpoint at /api/notes/noteID/assets/assetID, which did not register an authentication...
CVE-2026-40265 Note Mark has Broken Access Control on Asset Download
Note Mark is an open-source note-taking application. In versions 0.19.1 and prior, the asset download endpoint at /api/notes/noteID/assets/assetID is registered without authentication middleware, and the backend query does not verify ownership or book visibility. An unauthenticated user who knows...
CVE-2026-40265 Note Mark has Broken Access Control on Asset Download
Note Mark is an open-source note-taking application. In versions 0.19.1 and prior, the asset download endpoint at /api/notes/noteID/assets/assetID is registered without authentication middleware, and the backend query does not verify ownership or book visibility. An unauthenticated user who knows...
CVE-2026-40265
CVE-2026-40265 affects Note Mark (versions
Note Mark has Broken Access Control on Asset Download
Summary A broken access control vulnerability allows unauthenticated users to retrieve note assets directly from the asset download endpoint when they know both the note UUID and asset UUID. This exposes the full contents of private note assets without authentication, even when the associated boo...
PT-2026-32120
Name of the Vulnerable Software and Affected Versions Note Mark versions prior to 0.19.2 Description A broken access control issue exists in the asset download endpoint '/api/notes/noteID/assets/assetID'. The endpoint is registered without authentication middleware, and the backend query fails to...
PT-2026-32119
Name of the Vulnerable Software and Affected Versions Note Mark versions prior to 0.19.2 Description A timing side-channel in the login endpoint allows unauthenticated attackers to determine whether a username exists by measuring response time differences. The server performs bcrypt password...
PT-2026-32118
Name of the Vulnerable Software and Affected Versions Note Mark versions prior to 0.19.2 Description A stored same-origin cross-site scripting XSS issue exists where the asset delivery handler serves uploaded files inline and relies on magic-byte detection for content type. This method fails to...
CVE-2026-26286
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. In versions prior to 1.16.0, a Server-Side Request Forgery SSRF vulnerability in the asset download endpoint allow...
Server-side Request Forgery (SSRF)
Overview sillytavern is a LLM Frontend for Power Users Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the asset download endpoint. An attacker can access internal services, cloud metadata, and private network resources by sending crafted HTTP requests fro...
CVE-2026-26286
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. In versions prior to 1.16.0, a Server-Side Request Forgery SSRF vulnerability in the asset download endpoint allow...
CVE-2026-26286 SillyTavern has Server-Side Request Forgery (SSRF) via Asset Download Endpoint that Allows Reading Internal Services
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. In versions prior to 1.16.0, a Server-Side Request Forgery SSRF vulnerability in the asset download endpoint allow...
CVE-2026-26286 SillyTavern has Server-Side Request Forgery (SSRF) via Asset Download Endpoint that Allows Reading Internal Services
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. In versions prior to 1.16.0, a Server-Side Request Forgery SSRF vulnerability in the asset download endpoint allow...
CVE-2026-26286 SillyTavern has Server-Side Request Forgery (SSRF) via Asset Download Endpoint that Allows Reading Internal Services
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. In versions prior to 1.16.0, a Server-Side Request Forgery SSRF vulnerability in the asset download endpoint allow...
CVE-2026-26286
SillyTavern (local UI for LLMs) has an SSRF in the asset download endpoint prior to v1.16.0. Authenticated users can cause the server to make arbitrary HTTP requests and read full responses, exposing internal services, cloud metadata, and private network resources. The issue is fixed in v1.16.0 b...
SillyTavern 代码问题漏洞
SillyTavern is a frontend interface for the SillyTavern open-source language model. Versions of SillyTavern prior to 1.16.0 had code vulnerabilities. These vulnerabilities stemmed from server-side request forgeing in the asset download endpoint, which could allow authenticated users to make...
PT-2026-20938
Name of the Vulnerable Software and Affected Versions SillyTavern versions prior to 1.16.0 Description SillyTavern is a locally installed user interface for interacting with large language models, image generation engines, and text-to-speech voice models. A Server-Side Request Forgery SSRF exists...
CVE-2026-25633
Statamic is a, Laravel + Git powered CMS designed for building websites. Prior to 5.73.6 and 6.2.5, users without permission to view assets are able are able to download them and view their metadata. Logged-out users and users without permission to access the control panel are unable to take...