12965 matches found
Trilium Notes 安全漏洞
Trilium Notes is a hierarchical note application developed by Zadam, a personal developer. It focuses on building large personal knowledge bases. Versions of Trilium Notes prior to 0.102.1 contained security vulnerabilities. These vulnerabilities stemmed from Electron configurations that could be...
PT-2026-42225
Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. Versions 0.102.1 and prior contain a critical security flaw where lack of SVG sanitization combined with a disabled Content Security Policy CSP and a publicly reachable...
Trilium Notes 访问控制错误漏洞
Trilium Notes is a hierarchical note application developed by Zadam’s individual developer. It focuses on building large personal knowledge bases. Versions of Trilium Notes prior to 0.102.1 contained an access control vulnerability. This vulnerability stemmed from the Clipper API completely...
Trilium Notes 路径遍历漏洞
Trilium Notes is a hierarchical note application developed by Zadam’s individual developer. It focuses on building large personal knowledge bases. Versions of Trilium Notes prior to 0.102.1 contained a path traversal vulnerability. This vulnerability originated from local files and could allow...
CVE-2026-39309 Trilium Notes: macOS TCC Bypass via Prompt Spoofing
Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Electron configuration is vulnerable to TCC Bypass via Prompt Spoofing, allowing local attackers to trigger misleading macOS permission...
CVE-2026-39309
Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Electron configuration is vulnerable to TCC Bypass via Prompt Spoofing, allowing local attackers to trigger misleading macOS permission...
CVE-2026-39309 Trilium Notes: macOS TCC Bypass via Prompt Spoofing
Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Electron configuration is vulnerable to TCC Bypass via Prompt Spoofing, allowing local attackers to trigger misleading macOS permission...
CVE-2026-39309
CVE-2026-39309 affects Trilium Notes before v0.102.2. The Electron configuration allows a RunAsNode fuse to launch the app in a special Node.js mode (-e) that can execute arbitrary commands with Trilium’s permissions, enabling a local attacker to spoof macOS TCC prompts. An attacker could trigger...
EUVD-2026-31008
Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Electron configuration is vulnerable to TCC Bypass via Prompt Spoofing, allowing local attackers to trigger misleading macOS permission...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-140.11.0esr-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For...
[slackware-security] mozilla-firefox
New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-140.11.0esr-i686-1slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more...
CVE-2026-35593 Trilium Notes has Local File Inclusion via upload modified file API endpoint
Trilium Notes is an open-source, cross-platform hierarchical note taking application for building large personal knowledge bases. Versions 0.102.1 and prior are vulnerable to Local File Inclusion, allowing an authenticated attacker to read sensitive arbitrary files from the server's filesystem. T...
CVE-2026-35593 Trilium Notes has Local File Inclusion via upload modified file API endpoint
Trilium Notes is an open-source, cross-platform hierarchical note taking application for building large personal knowledge bases. Versions 0.102.1 and prior are vulnerable to Local File Inclusion, allowing an authenticated attacker to read sensitive arbitrary files from the server's filesystem. T...
CVE-2026-35593
Trilium Notes is an open-source, cross-platform hierarchical note taking application for building large personal knowledge bases. Versions 0.102.1 and prior are vulnerable to Local File Inclusion, allowing an authenticated attacker to read sensitive arbitrary files from the server's filesystem. T...
EUVD-2026-31007
Trilium Notes is an open-source, cross-platform hierarchical note taking application for building large personal knowledge bases. Versions 0.102.1 and prior are vulnerable to Local File Inclusion, allowing an authenticated attacker to read sensitive arbitrary files from the server's filesystem. T...
CVE-2026-34600
Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions 3.5.2 and prior contain a logic error in the delta API that allows share recipients to download notes that are no longer shared with them, related to but not fully fixed by the prior...
CVE-2026-34600
Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions 3.5.2 and prior contain a logic error in the delta API that allows share recipients to download notes that are no longer shared with them, related to but not fully fixed by the prior...
EUVD-2026-31001
Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions 3.5.2 and prior contain a logic error in the delta API that allows share recipients to download notes that are no longer shared with them, related to but not fully fixed by the prior...
Low: Red Hat Security Advisory: NetworkManager security update
An update for NetworkManager is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.21.16 bug fix and security update
Red Hat OpenShift Container Platform release 4.21.16 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.21. Red Hat Product Security has rated this update as having a...