CVE-2026-39309 Trilium Notes: macOS TCC Bypass via Prompt Spoofing

Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Electron configuration is vulnerable to TCC Bypass via Prompt Spoofing, allowing local attackers to trigger misleading macOS permission...

CVE-2020-13887

documentsadd.php in Kordil EDMS through 2.2.60rc3 allows Remote Command Execution because .php files can be uploaded to the documents folder...

CVE-2020-13887

documentsadd.php in Kordil EDMS through 2.2.60rc3 allows Remote Command Execution because .php files can be uploaded to the documents folder...

Microsoft Edge Information Disclosure Vulnerability

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited this vulnerability could trick a user into allowing access to the user’s My Documents folder. For an attack to be successful, an attacker must persuade a...

User Profile name changes from User Name to "My Documents" or "Documents"

Under certain circumstances, the Desktop.ini file may cause the User Profile folder name on the User Store to change from the User Name to "My Documents". If we delete the "desktop.ini" file in the "My Documents" folder, it changes the folder name back to the correct user name...