CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

264 matches found

EUVD-2026-34018

Cross Site Scripting vulnerability in usememos Memos v.0.26.0 allows a remote attacker to obtain sensitive information via the SANITIZESCHEMA, Memo Rendering Component, and Public/Private Memo View pages...

5.8AI score0.0004EPSS

Exploits0References3

CVE•added 3 days ago•11 views

CVE-2026-30586

This CVE concerns Cross Site Scripting in the open-source project usememos Memos v0.26.0. The vulnerability affects the memo rendering path and related views (SANITIZE_SCHEMA, Memo Rendering Component, and Public/Private Memo View pages). Root cause details are not explicitly provided beyond the ...

6.1CVSS5.8AI score0.0004EPSS

Exploits0References2

Positive Technologies•added 3 days ago•8 views

PT-2026-45825

Cross Site Scripting vulnerability in usememos Memos v.0.26.0 allows a remote attacker to obtain sensitive information via the SANITIZE SCHEMA, Memo Rendering Component, and Public/Private Memo View pages...

5.8AI score0.0004EPSS

Exploits0References3

Cvelist•added 3 days ago•26 views

CVE-2026-30586

0.0004EPSS

Exploits0References2

SUSE CVE•added 2026/01/06 12:25 a.m.•2 views

SUSE CVE-2025-65797

Incorrect access control in the Identity Provider service of usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete registered identity providers, leading to an account takeover or Denial of Service DoS...

6.5CVSS6.9AI score0.00129EPSS

Exploits1References2

SUSE CVE•added 2026/01/06 12:25 a.m.•2 views

SUSE CVE-2025-65798

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete attachments made by other users...

5.4CVSS6.9AI score0.00042EPSS

Exploits1References2

OSV•added 2025/12/15 7:37 p.m.•3 views

GO-2025-4217 memos vulnerability allows the creation of arbitrary accounts in github.com/usememos/memos

memos vulnerability allows the creation of arbitrary accounts in github.com/usememos/memos...

7.5CVSS6.9AI score0.00056EPSS

Exploits1References7

OSV•added 2025/12/15 7:37 p.m.•1 views

GO-2025-4215 memos vulnerability allows arbitrarily reactions deletion in github.com/usememos/memos

memos vulnerability allows arbitrarily reactions deletion in github.com/usememos/memos...

4.3CVSS6.8AI score0.00042EPSS

Exploits1References7

RedhatCVE•added 2025/12/09 12:11 a.m.•2 views

CVE-2025-65799

A lack of file name validation or verification in the Attachment service of usememos memos v0.25.2 allows attackers to execute a path traversal...

4.3CVSS7.1AI score0.00046EPSS

Exploits1References1

EUVD•added 2025/12/08 6:30 p.m.•2 views

EUVD-2025-201723

Incorrect access control in the /api/v1/user endpoint of usememos memos v0.25.2 allows unauthorized attackers to create arbitrary accounts via a crafted request...

7.5CVSS6.3AI score0.00056EPSS

Exploits1References5

OSV•added 2025/12/08 6:30 p.m.•3 views

GHSA-MG56-WC4Q-RW4W memos vulnerability allows the creation of arbitrary accounts

Incorrect access control in the /api/v1/user endpoint of usememos memos v0.25.2 allows unauthorized attackers to create arbitrary accounts via a crafted request...

7.5CVSS6.8AI score0.00056EPSS

Exploits1References8

OSV•added 2025/12/08 6:30 p.m.•1 views

GHSA-8JCJ-G9F4-QX42 memos vulnerability allows arbitrarily reactions deletion

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily delete reactions made to other users' Memos...

4.3CVSS6.8AI score0.00042EPSS

Exploits1References8

OSV•added 2025/12/08 5:16 p.m.•2 views

CVE-2025-65795

Incorrect access control in the /api/v1/user endpoint of usememos memos v0.25.2 allows unauthorized attackers to create arbitrary accounts via a crafted request...

7.5CVSS6.8AI score

Exploits0References4

OSV•added 2025/12/08 4:15 p.m.•2 views

CVE-2025-65796

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily delete reactions made to other users' Memos...

4.3CVSS6.8AI score

Exploits0References4

Vulnrichment•added 2025/12/08 12:0 a.m.•1 views

CVE-2025-65798

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete attachments made by other users...

6.5AI score0.00042EPSS

Exploits1References4

Cvelist•added 2025/12/08 12:0 a.m.•14 views

CVE-2025-65798

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete attachments made by other users...

0.00042EPSS

Exploits1References4

Vulnrichment•added 2025/12/08 12:0 a.m.•1 views

CVE-2025-65796

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily delete reactions made to other users' Memos...

6.5AI score0.00042EPSS

Exploits1References4

Positive Technologies•added 2025/12/08 12:0 a.m.•1 views

PT-2025-49565

Name of the Vulnerable Software and Affected Versions usememos memos version 0.25.2 Description An access control issue exists in usememos memos version 0.25.2. Attackers with limited privileges can delete reactions created by other users on Memos. The issue involves insufficient restrictions on...

4.3CVSS6.5AI score0.00042EPSS

Exploits1References9

Vulnrichment•added 2025/12/08 12:0 a.m.•3 views

CVE-2025-65799

A lack of file name validation or verification in the Attachment service of usememos memos v0.25.2 allows attackers to execute a path traversal...

6.7AI score0.00046EPSS

Exploits1References4

Cvelist•added 2025/12/08 12:0 a.m.•17 views

CVE-2025-65799

A lack of file name validation or verification in the Attachment service of usememos memos v0.25.2 allows attackers to execute a path traversal...

0.00046EPSS

Exploits1References4