Lucene search
K

72 matches found

Cvelist
Cvelist
added 2026/05/20 7:5 p.m.37 views

CVE-2026-39310 Trilium Notes: Authentication Bypass in Clipper API for Electron (Desktop) Builds

Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Clipper API in Trilium Desktop v0.101.3 allows full authentication bypass when running in an Electron environment. When Trilium detects an...

8.6CVSS0.00391EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/20 7:5 p.m.7 views

CVE-2026-39310 Trilium Notes: Authentication Bypass in Clipper API for Electron (Desktop) Builds

Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Clipper API in Trilium Desktop v0.101.3 allows full authentication bypass when running in an Electron environment. When Trilium detects an...

8.6CVSS5.8AI score0.00391EPSS
Exploits0References2
NVD
NVD
added 2026/05/20 12:16 a.m.17 views

CVE-2026-35593

Trilium Notes is an open-source, cross-platform hierarchical note taking application for building large personal knowledge bases. Versions 0.102.1 and prior are vulnerable to Local File Inclusion, allowing an authenticated attacker to read sensitive arbitrary files from the server's filesystem. T...

6.8CVSS0.00621EPSS
Exploits0References2
NVD
NVD
added 2026/05/20 12:16 a.m.22 views

CVE-2026-39309

Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Electron configuration is vulnerable to TCC Bypass via Prompt Spoofing, allowing local attackers to trigger misleading macOS permission...

5.5CVSS0.00176EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

Trilium Notes 跨站脚本漏洞

Trilium Notes is a hierarchical note application developed by Zadam, a personal developer. It focuses on building large-scale personal knowledge bases. Versions of Trilium Notes prior to 0.102.1 contained a cross-site scripting vulnerability. This vulnerability stemmed from deficiencies such as...

6.8CVSS6.3AI score0.00288EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.10 views

PT-2026-42225

Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. Versions 0.102.1 and prior contain a critical security flaw where lack of SVG sanitization combined with a disabled Content Security Policy CSP and a publicly reachable...

6.8CVSS6.4AI score0.00288EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.17 views

PT-2026-42224

Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Clipper API in Trilium Desktop v0.101.3 allows full authentication bypass when running in an Electron environment. When Trilium detects an...

8.6CVSS5.8AI score0.00391EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.9 views

Trilium Notes 访问控制错误漏洞

Trilium Notes is a hierarchical note application developed by Zadam’s individual developer. It focuses on building large personal knowledge bases. Versions of Trilium Notes prior to 0.102.1 contained an access control vulnerability. This vulnerability stemmed from the Clipper API completely...

8.6CVSS5.8AI score0.00391EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.14 views

Trilium Notes 路径遍历漏洞

Trilium Notes is a hierarchical note application developed by Zadam’s individual developer. It focuses on building large personal knowledge bases. Versions of Trilium Notes prior to 0.102.1 contained a path traversal vulnerability. This vulnerability originated from local files and could allow...

6.8CVSS5.9AI score0.00621EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.14 views

Trilium Notes 安全漏洞

Trilium Notes is a hierarchical note application developed by Zadam, a personal developer. It focuses on building large personal knowledge bases. Versions of Trilium Notes prior to 0.102.1 contained security vulnerabilities. These vulnerabilities stemmed from Electron configurations that could be...

5.5CVSS5.9AI score0.00176EPSS
Exploits0References1
OSV
OSV
added 2026/05/19 11:54 p.m.4 views

CVE-2026-39309 Trilium Notes: macOS TCC Bypass via Prompt Spoofing

Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Electron configuration is vulnerable to TCC Bypass via Prompt Spoofing, allowing local attackers to trigger misleading macOS permission...

5.5CVSS6.2AI score0.00176EPSS
Exploits0References4
CVE
CVE
added 2026/05/19 11:54 p.m.19 views

CVE-2026-39309

CVE-2026-39309 affects Trilium Notes before v0.102.2. The Electron configuration allows a RunAsNode fuse to launch the app in a special Node.js mode (-e) that can execute arbitrary commands with Trilium’s permissions, enabling a local attacker to spoof macOS TCC prompts. An attacker could trigger...

5.5CVSS6.1AI score0.00176EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/19 11:54 p.m.44 views

CVE-2026-39309 Trilium Notes: macOS TCC Bypass via Prompt Spoofing

Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Electron configuration is vulnerable to TCC Bypass via Prompt Spoofing, allowing local attackers to trigger misleading macOS permission...

5.5CVSS0.00176EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/19 11:54 p.m.8 views

CVE-2026-39309 Trilium Notes: macOS TCC Bypass via Prompt Spoofing

Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Electron configuration is vulnerable to TCC Bypass via Prompt Spoofing, allowing local attackers to trigger misleading macOS permission...

5.5CVSS6.1AI score0.00176EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/19 11:54 p.m.13 views

EUVD-2026-31008

Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Electron configuration is vulnerable to TCC Bypass via Prompt Spoofing, allowing local attackers to trigger misleading macOS permission...

5.5CVSS6.1AI score0.00176EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/19 11:54 p.m.11 views

CVE-2026-39309

Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Electron configuration is vulnerable to TCC Bypass via Prompt Spoofing, allowing local attackers to trigger misleading macOS permission...

5.5CVSS6.1AI score0.00176EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/05/19 11:32 p.m.40 views

CVE-2026-35593 Trilium Notes has Local File Inclusion via upload modified file API endpoint

Trilium Notes is an open-source, cross-platform hierarchical note taking application for building large personal knowledge bases. Versions 0.102.1 and prior are vulnerable to Local File Inclusion, allowing an authenticated attacker to read sensitive arbitrary files from the server's filesystem. T...

6.8CVSS0.00621EPSS
Exploits0References2
OSV
OSV
added 2026/05/19 11:32 p.m.1 views

CVE-2026-35593 Trilium Notes has Local File Inclusion via upload modified file API endpoint

Trilium Notes is an open-source, cross-platform hierarchical note taking application for building large personal knowledge bases. Versions 0.102.1 and prior are vulnerable to Local File Inclusion, allowing an authenticated attacker to read sensitive arbitrary files from the server's filesystem. T...

6.8CVSS6.7AI score0.00621EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/19 11:32 p.m.11 views

CVE-2026-35593 Trilium Notes has Local File Inclusion via upload modified file API endpoint

Trilium Notes is an open-source, cross-platform hierarchical note taking application for building large personal knowledge bases. Versions 0.102.1 and prior are vulnerable to Local File Inclusion, allowing an authenticated attacker to read sensitive arbitrary files from the server's filesystem. T...

6.8CVSS6.5AI score0.00621EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/19 11:32 p.m.9 views

CVE-2026-35593

Trilium Notes is an open-source, cross-platform hierarchical note taking application for building large personal knowledge bases. Versions 0.102.1 and prior are vulnerable to Local File Inclusion, allowing an authenticated attacker to read sensitive arbitrary files from the server's filesystem. T...

6.8CVSS6.5AI score0.00621EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder