Lucene search
+L

265 matches found

redhatcve
redhatcve
added 2026/06/05 7:47 p.m.13 views

CVE-2026-6634

A weakness has been identified in usememos memos up to 0.22.1. This affects the function memosaccesstoken of the file src/App.tsx of the component UpdateInstanceSetting. This manipulation of the argument additionalStyle/additionalScript causes improper authorization. The attack is possible to be...

6.5CVSS6AI score0.00252EPSS
Exploits0References1
euvd
euvd
added 2026/06/02 9:30 p.m.12 views

EUVD-2026-34018

Cross Site Scripting vulnerability in usememos Memos v.0.26.0 allows a remote attacker to obtain sensitive information via the SANITIZESCHEMA, Memo Rendering Component, and Public/Private Memo View pages...

5.8AI score0.00224EPSS
Exploits0References3
cve
cve
added 2026/06/02 12:0 a.m.23 views

CVE-2026-30586

This CVE concerns Cross Site Scripting in the open-source project usememos Memos v0.26.0. The vulnerability affects the memo rendering path and related views (SANITIZE_SCHEMA, Memo Rendering Component, and Public/Private Memo View pages). Root cause details are not explicitly provided beyond the ...

6.1CVSS5.8AI score0.00224EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/02 12:0 a.m.35 views

CVE-2026-30586

Cross Site Scripting vulnerability in usememos Memos v.0.26.0 allows a remote attacker to obtain sensitive information via the SANITIZESCHEMA, Memo Rendering Component, and Public/Private Memo View pages...

0.00224EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/02 12:0 a.m.24 views

PT-2026-45825

Cross Site Scripting vulnerability in usememos Memos v.0.26.0 allows a remote attacker to obtain sensitive information via the SANITIZE SCHEMA, Memo Rendering Component, and Public/Private Memo View pages...

5.8AI score0.00224EPSS
Exploits0References3
susecve
susecve
added 2026/01/06 12:25 a.m.7 views

SUSE CVE-2025-65797

Incorrect access control in the Identity Provider service of usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete registered identity providers, leading to an account takeover or Denial of Service DoS...

6.5CVSS6.9AI score0.00245EPSS
Exploits1References2
susecve
susecve
added 2026/01/06 12:25 a.m.9 views

SUSE CVE-2025-65798

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete attachments made by other users...

5.4CVSS6.9AI score0.00156EPSS
Exploits1References2
osv
osv
added 2025/12/15 7:37 p.m.5 views

GO-2025-4215 memos vulnerability allows arbitrarily reactions deletion in github.com/usememos/memos

memos vulnerability allows arbitrarily reactions deletion in github.com/usememos/memos...

4.3CVSS6.8AI score0.00173EPSS
Exploits1References7
osv
osv
added 2025/12/15 7:37 p.m.9 views

GO-2025-4217 memos vulnerability allows the creation of arbitrary accounts in github.com/usememos/memos

memos vulnerability allows the creation of arbitrary accounts in github.com/usememos/memos...

7.5CVSS6.9AI score0.00223EPSS
Exploits1References7
redhatcve
redhatcve
added 2025/12/09 12:11 a.m.5 views

CVE-2025-65799

A lack of file name validation or verification in the Attachment service of usememos memos v0.25.2 allows attackers to execute a path traversal...

4.3CVSS7.1AI score0.00185EPSS
Exploits1References1
euvd
euvd
added 2025/12/08 6:30 p.m.7 views

EUVD-2025-201723

Incorrect access control in the /api/v1/user endpoint of usememos memos v0.25.2 allows unauthorized attackers to create arbitrary accounts via a crafted request...

7.5CVSS6.3AI score0.00223EPSS
Exploits1References5
osv
osv
added 2025/12/08 6:30 p.m.5 views

GHSA-MG56-WC4Q-RW4W memos vulnerability allows the creation of arbitrary accounts

Incorrect access control in the /api/v1/user endpoint of usememos memos v0.25.2 allows unauthorized attackers to create arbitrary accounts via a crafted request...

7.5CVSS6.8AI score0.00223EPSS
Exploits1References8
osv
osv
added 2025/12/08 6:30 p.m.6 views

GHSA-8JCJ-G9F4-QX42 memos vulnerability allows arbitrarily reactions deletion

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily delete reactions made to other users' Memos...

4.3CVSS6.8AI score0.00173EPSS
Exploits1References8
vulnrichment
vulnrichment
added 2025/12/08 12:0 a.m.2 views

CVE-2025-65798

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete attachments made by other users...

6.5AI score0.00156EPSS
Exploits1References3
vulnrichment
vulnrichment
added 2025/12/08 12:0 a.m.2 views

CVE-2025-65796

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily delete reactions made to other users' Memos...

6.5AI score0.00173EPSS
Exploits1References3
osv
osv
added 2025/12/08 12:0 a.m.6 views

CVE-2025-65796

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily delete reactions made to other users' Memos...

4.3CVSS6.8AI score0.00173EPSS
Exploits1References4
cvelist
cvelist
added 2025/12/08 12:0 a.m.33 views

CVE-2025-65796

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily delete reactions made to other users' Memos...

0.00173EPSS
Exploits1References2
cvelist
cvelist
added 2025/12/08 12:0 a.m.30 views

CVE-2025-65799

A lack of file name validation or verification in the Attachment service of usememos memos v0.25.2 allows attackers to execute a path traversal...

0.00185EPSS
Exploits1References2
cvelist
cvelist
added 2025/12/08 12:0 a.m.30 views

CVE-2025-65795

Incorrect access control in the /api/v1/user endpoint of usememos memos v0.25.2 allows unauthorized attackers to create arbitrary accounts via a crafted request...

0.00223EPSS
Exploits1References2
cvelist
cvelist
added 2025/12/08 12:0 a.m.25 views

CVE-2025-65798

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete attachments made by other users...

0.00156EPSS
Exploits1References2
Rows per page
Query Builder