CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/05/20 7:5 p.m.•25 views

CVE-2026-39310 Trilium Notes: Authentication Bypass in Clipper API for Electron (Desktop) Builds

Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Clipper API in Trilium Desktop v0.101.3 allows full authentication bypass when running in an Electron environment. When Trilium detects an...

8.6CVSS0.00072EPSS

Vulnrichment•added 2026/05/20 7:5 p.m.•3 views

CVE-2026-39310 Trilium Notes: Authentication Bypass in Clipper API for Electron (Desktop) Builds

8.6CVSS5.8AI score0.00072EPSS

RedHat Linux•added 2026/05/20 9:8 a.m.•10 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.20.23 bug fix and security update

Red Hat OpenShift Container Platform release 4.20.23 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.20. Red Hat Product Security has rated this update as having a...

10CVSS7.1AI score0.00148EPSS

Exploits11References14

AstraLinux•added 2026/05/20 5:53 a.m.•8 views

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in the .notes section. When building with CONFIGXENPV=y, .text symbols are emitted into the .notes section so that Xen can find the “startupxen” entry point. This information is used before booting...

5.5CVSS6.2AI score0.00023EPSS

NVD•added 2026/05/20 12:16 a.m.•5 views

CVE-2026-35593

Trilium Notes is an open-source, cross-platform hierarchical note taking application for building large personal knowledge bases. Versions 0.102.1 and prior are vulnerable to Local File Inclusion, allowing an authenticated attacker to read sensitive arbitrary files from the server's filesystem. T...

6.8CVSS0.00135EPSS

NVD•added 2026/05/20 12:16 a.m.•6 views

CVE-2026-39309

Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Electron configuration is vulnerable to TCC Bypass via Prompt Spoofing, allowing local attackers to trigger misleading macOS permission...

5.5CVSS0.00005EPSS

CNNVD•added 2026/05/20 12:0 a.m.•5 views

Trilium Notes 跨站脚本漏洞

Trilium Notes is a hierarchical note application developed by Zadam, a personal developer. It focuses on building large-scale personal knowledge bases. Versions of Trilium Notes prior to 0.102.1 contained a cross-site scripting vulnerability. This vulnerability stemmed from deficiencies such as...

6.8CVSS6.3AI score0.00126EPSS

Positive Technologies•added 2026/05/20 12:0 a.m.•7 views

PT-2026-42224

8.6CVSS5.8AI score0.00072EPSS

Exploits0References3

CNNVD•added 2026/05/20 12:0 a.m.•6 views

Trilium Notes 安全漏洞

Trilium Notes is a hierarchical note application developed by Zadam, a personal developer. It focuses on building large personal knowledge bases. Versions of Trilium Notes prior to 0.102.1 contained security vulnerabilities. These vulnerabilities stemmed from Electron configurations that could be...

5.5CVSS5.9AI score0.00005EPSS

CNNVD•added 2026/05/20 12:0 a.m.•3 views

Trilium Notes 访问控制错误漏洞

Trilium Notes is a hierarchical note application developed by Zadam’s individual developer. It focuses on building large personal knowledge bases. Versions of Trilium Notes prior to 0.102.1 contained an access control vulnerability. This vulnerability stemmed from the Clipper API completely...

8.6CVSS5.8AI score0.00072EPSS

Positive Technologies•added 2026/05/20 12:0 a.m.•6 views

PT-2026-42225

6.8CVSS6.4AI score0.00126EPSS

Exploits0References3

CNNVD•added 2026/05/20 12:0 a.m.•5 views

Trilium Notes 路径遍历漏洞

Trilium Notes is a hierarchical note application developed by Zadam’s individual developer. It focuses on building large personal knowledge bases. Versions of Trilium Notes prior to 0.102.1 contained a path traversal vulnerability. This vulnerability originated from local files and could allow...

6.8CVSS5.9AI score0.00135EPSS

ATTACKERKB•added 2026/05/19 11:54 p.m.•4 views

CVE-2026-39309

Exploits0References3Affected Software1

Vulnrichment•added 2026/05/19 11:54 p.m.•5 views

CVE-2026-39309 Trilium Notes: macOS TCC Bypass via Prompt Spoofing

Cvelist•added 2026/05/19 11:54 p.m.•30 views

CVE-2026-39309 Trilium Notes: macOS TCC Bypass via Prompt Spoofing

5.5CVSS0.00005EPSS

CVE•added 2026/05/19 11:54 p.m.•8 views

CVE-2026-39309

CVE-2026-39309 affects Trilium Notes before v0.102.2. The Electron configuration allows a RunAsNode fuse to launch the app in a special Node.js mode (-e) that can execute arbitrary commands with Trilium’s permissions, enabling a local attacker to spoof macOS TCC prompts. An attacker could trigger...

EUVD•added 2026/05/19 11:54 p.m.•6 views

EUVD-2026-31008