45 matches found
CVE-2026-15505
A weakness has been identified in vnotex vnote up to 3.20.1. Impacted is an unknown function of the file /src/data/extra/web/js/markdownit.js of the component YAML Frontmatter. This manipulation of the argument pmetaData causes cross site scripting. The attack may be initiated remotely. The vendo...
CVE-2026-15505 vnotex vnote YAML Frontmatter markdownit.js cross site scripting
A weakness has been identified in vnotex vnote up to 3.20.1. Impacted is an unknown function of the file /src/data/extra/web/js/markdownit.js of the component YAML Frontmatter. This manipulation of the argument pmetaData causes cross site scripting. The attack may be initiated remotely. The vendo...
EUVD-2026-43246
A weakness has been identified in vnotex vnote up to 3.20.1. Impacted is an unknown function of the file /src/data/extra/web/js/markdownit.js of the component YAML Frontmatter. This manipulation of the argument pmetaData causes cross site scripting. The attack may be initiated remotely. The vendo...
CVE-2026-15505
The CVE concerns vnotex vnote (up to version 3.20.1) where the YAML Frontmatter component exposes cross-site scripting via the file /src/data/extra/web/js/markdownit.js. The issue arises from manipulation of the argument p_metaData in the YAML Frontmatter code, which can potentially be exploited ...
CVE-2024-39904
VNote is a note-taking platform. Prior to 3.18.1, a code execution vulnerability existed in VNote, which allowed an attacker to execute arbitrary programs on the victim's system. A crafted URI can be used in a note to perform this attack using file:/// as a link. For example,...
EUVD-2019-17809
Malware in sbrugna...
EUVD-2024-38293
Malicious code in bioql PyPI...
EUVD-2024-39118
Malicious code in bioql PyPI...
CVE-2024-41662
VNote is a note-taking platform. A Cross-Site Scripting XSS vulnerability has been identified in the Markdown rendering functionality of versions 3.18.1 and prior of the VNote note-taking application. This vulnerability allows the injection and execution of arbitrary JavaScript code through which...
SUSE CVE-2024-41662
VNote is a note-taking platform. A Cross-Site Scripting XSS vulnerability has been identified in the Markdown rendering functionality of versions 3.18.1 and prior of the VNote note-taking application. This vulnerability allows the injection and execution of arbitrary JavaScript code through which...
CVE-2024-41662
VNote is a note-taking platform. A Cross-Site Scripting XSS vulnerability has been identified in the Markdown rendering functionality of versions 3.18.1 and prior of the VNote note-taking application. This vulnerability allows the injection and execution of arbitrary JavaScript code through which...
CVE-2024-41662
CVE-2024-41662 affects the VNote note-taking platform, specifically versions 3.18.1 and prior, where the Markdown rendering component is vulnerable to Cross-Site Scripting (XSS) that can lead to arbitrary JavaScript execution and potential remote code execution. The issue is triggered via Markdow...
CVE-2024-41662 VNote vulnerable to Markdown XSS, which leads to RCE
VNote is a note-taking platform. A Cross-Site Scripting XSS vulnerability has been identified in the Markdown rendering functionality of versions 3.18.1 and prior of the VNote note-taking application. This vulnerability allows the injection and execution of arbitrary JavaScript code through which...
CVE-2024-41662 VNote vulnerable to Markdown XSS, which leads to RCE
VNote is a note-taking platform. A Cross-Site Scripting XSS vulnerability has been identified in the Markdown rendering functionality of versions 3.18.1 and prior of the VNote note-taking application. This vulnerability allows the injection and execution of arbitrary JavaScript code through which...
CVE-2024-41662 VNote vulnerable to Markdown XSS, which leads to RCE
VNote is a note-taking platform. A Cross-Site Scripting XSS vulnerability has been identified in the Markdown rendering functionality of versions 3.18.1 and prior of the VNote note-taking application. This vulnerability allows the injection and execution of arbitrary JavaScript code through which...
VNote 安全漏洞
VNote is an open source cross-platform Markdown note-taking tool from VNote Open Source. A security vulnerability exists in VNote 3.18.1 and earlier versions. An attacker can remotely execute code by exploiting the vulnerability...
PT-2024-29491 · Vnote · Vnote
Name of the Vulnerable Software and Affected Versions: VNote versions 3.18.1 and prior Description: A Cross-Site Scripting XSS vulnerability has been identified in the Markdown rendering functionality of the VNote note-taking application. This issue allows the injection and execution of arbitrary...
SUSE CVE-2024-39904
VNote is a note-taking platform. Prior to 3.18.1, a code execution vulnerability existed in VNote, which allowed an attacker to execute arbitrary programs on the victim's system. A crafted URI can be used in a note to perform this attack using file:/// as a link. For example,...
CVE-2024-39904
VNote is a note-taking platform. Prior to 3.18.1, a code execution vulnerability existed in VNote, which allowed an attacker to execute arbitrary programs on the victim's system. A crafted URI can be used in a note to perform this attack using file:/// as a link. For example,...
CVE-2024-39904
VNote (note‑taking platform) before version 3.18.1 is affected by a code execution vulnerability that can be triggered via crafted notes containing local file references (for example, file:///C:/WINDOWS/system32/cmd.exe or calc.exe). The underlying issue is a local file path handling/URI embeddin...