CVE-2026-59262
AFFiNE CVE-2026-59262 involves the histories GraphQL field failing to validate Doc.Read permissions before exposing edit histories. The vulnerability allows authenticated workspace members to supply arbitrary document GUIDs and access full edit histories, including user names, emails, and timesta...