Lucene search
K

5 matches found

NVD
NVD
added 2026/05/03 4:15 p.m.29 views

CVE-2026-7702

A vulnerability was detected in toeverything AFFiNE up to 0.26.3. This issue affects the function allowDocPreview of the file /workspace/:workspaceId/:docId of the component Public Markdown Preview Endpoint. The manipulation results in authorization bypass. It is possible to launch the attack...

6.9CVSS0.00314EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/03 3:45 p.m.6 views

CVE-2026-7702 toeverything AFFiNE Public Markdown Preview Endpoint :docId allowDocPreview authorization

A vulnerability was detected in toeverything AFFiNE up to 0.26.3. This issue affects the function allowDocPreview of the file /workspace/:workspaceId/:docId of the component Public Markdown Preview Endpoint. The manipulation results in authorization bypass. It is possible to launch the attack...

6.9CVSS5.8AI score0.00314EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/03 3:45 p.m.14 views

CVE-2026-7702

A vulnerability was detected in toeverything AFFiNE up to 0.26.3. This issue affects the function allowDocPreview of the file /workspace/:workspaceId/:docId of the component Public Markdown Preview Endpoint. The manipulation results in authorization bypass. It is possible to launch the attack...

6.9CVSS5.5AI score0.00314EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/05/03 3:45 p.m.54 views

CVE-2026-7702 toeverything AFFiNE Public Markdown Preview Endpoint :docId allowDocPreview authorization

A vulnerability was detected in toeverything AFFiNE up to 0.26.3. This issue affects the function allowDocPreview of the file /workspace/:workspaceId/:docId of the component Public Markdown Preview Endpoint. The manipulation results in authorization bypass. It is possible to launch the attack...

6.9CVSS0.00314EPSS
Exploits0References4
CVE
CVE
added 2026/05/03 3:45 p.m.27 views

CVE-2026-7702

Summary: CVE-2026-7702 affects toeverything AFFiNE up to version 0.26.3, specifically the Public Markdown Preview Endpoint’s function allowDocPreview in /workspace/:workspaceId/:docId. The issue yields an authorization bypass and can be exploited remotely. The exploit is publicly available per th...

6.9CVSS5.8AI score0.00314EPSS
Exploits0References4
Rows per page
Query Builder