Lucene search
K

129 matches found

NVD
NVD
added 2 days ago6 views

CVE-2026-58486

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to version 1.11.0, HedgeDoc was vulnerable to a YAML alias bomb due to unsafe processing of the note frontmatter. HedgeDoc parsed frontmatter with js-yaml.load js-yaml v3 via @hedgedoc/meta-marked, which...

8.3CVSS0.00235EPSS
Exploits0References2
NVD
NVD
added 2 days ago6 views

CVE-2026-58489

HedgeDoc is an open source, real-time collaborative markdown notes application. Prior to 1.11.0, the GitHub Gist export flow created an OAuth2 state value but only checked that it was present rather than validating it against the value expected for the user's session. Because the state was not...

6.8CVSS0.00126EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago33 views

CVE-2026-58489 HedgeDoc: CSRF in GitHub Gist export callback

HedgeDoc is an open source, real-time collaborative markdown notes application. Prior to 1.11.0, the GitHub Gist export flow created an OAuth2 state value but only checked that it was present rather than validating it against the value expected for the user's session. Because the state was not...

6.8CVSS0.00126EPSS
Exploits0References2
CVE
CVE
added 2 days ago9 views

CVE-2026-58489

HedgeDoc prior to v1.11.0 is vulnerable to a CSRF-like flaw in the GitHub Gist export callback. The OAuth2 state value was only checked for presence, not validated against the user session, allowing an attacker to craft a callback URL with their own valid GitHub OAuth code. When a logged-in victi...

6.8CVSS6.1AI score0.00126EPSS
Exploits0References2
NVD
NVD
added 2 days ago6 views

CVE-2026-58487

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to version 1.11.0, due to unsafe handling of the local-part of registered email addresses, HedgeDoc was vulnerable to stored HTML Injection through its publish and slide views. An attacker could register a...

5.1CVSS0.00358EPSS
Exploits0References1
NVD
NVD
added 2 days ago6 views

CVE-2026-58488

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Versions prior to 1.11.0 allowed attackers to circumvent the rate-limiting of the /login and /register routes by spoofing IP addresses. HedgeDoc instances checked for CloudFlare's cf-connecting-ip header and used th...

6.9CVSS0.00295EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago32 views

CVE-2026-58486 HedgeDoc: Denial-of-service via YAML alias expansion in note frontmatter

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to version 1.11.0, HedgeDoc was vulnerable to a YAML alias bomb due to unsafe processing of the note frontmatter. HedgeDoc parsed frontmatter with js-yaml.load js-yaml v3 via @hedgedoc/meta-marked, which...

8.3CVSS0.00235EPSS
Exploits0References2
CVE
CVE
added 2 days ago6 views

CVE-2026-58486

CVE-2026-58486: HedgeDoc prior to 1.11.0 is vulnerable to a YAML alias bomb in note frontmatter. HedgeDoc parses frontmatter with js-yaml.load (js-yaml v3) via @hedgedoc/meta-marked, resolving YAML anchors and potentially expanding a malicious payload into a huge object, consuming CPU on each req...

8.3CVSS6.1AI score0.00235EPSS
Exploits0References2
CVE
CVE
added 2 days ago5 views

CVE-2026-58487

HedgeDoc before version 1.11.0 is vulnerable to stored HTML injection via the local-part of registered email addresses. An attacker could register a specially crafted email, reuse the local-part as the display name, and inject HTML into pages viewed by others (publish, slide views, and collaborat...

5.1CVSS6.2AI score0.00358EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago29 views

CVE-2026-58488 HedgeDoc: Rate-limit bypass via CF-Connecting-IP header spoofing

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Versions prior to 1.11.0 allowed attackers to circumvent the rate-limiting of the /login and /register routes by spoofing IP addresses. HedgeDoc instances checked for CloudFlare's cf-connecting-ip header and used th...

6.9CVSS0.00295EPSS
Exploits0References1
CVE
CVE
added 2 days ago7 views

CVE-2026-58488

CVE-2026-58488 affects HedgeDoc versions prior to 1.11.0. The vulnerability arises from the login/register rate-limit logic which, when a cf-connecting-ip header is present, uses that header instead of the user’s real IP—even if requests did not originate from Cloudflare. This allowed an attacker...

6.9CVSS6.2AI score0.00295EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-57919

Name of the Vulnerable Software and Affected Versions HedgeDoc versions prior to 1.11.0 Description Unsafe processing of note frontmatter allows a YAML alias bomb, where a compact malicious payload expands into a massive object structure. This occurs because the application uses js-yaml.load...

8.3CVSS6.1AI score0.00235EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/02/07 7:31 p.m.5 views

CVE-2026-25642

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.6, files served below the /uploads/ endpoint did not use a more strict security-policy. This resulted in a too open Content-Security-Policy and furthermore opened the possibility to host malicious...

6.1CVSS5.3AI score0.00194EPSS
Exploits0References1
NVD
NVD
added 2026/02/06 8:16 p.m.6 views

CVE-2026-25642

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.6, files served below the /uploads/ endpoint did not use a more strict security-policy. This resulted in a too open Content-Security-Policy and furthermore opened the possibility to host malicious...

6.1CVSS0.00194EPSS
Exploits0References4
EUVD
EUVD
added 2026/02/06 7:23 p.m.6 views

EUVD-2026-5588

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.6, files served below the /uploads/ endpoint did not use a more strict security-policy. This resulted in a too open Content-Security-Policy and furthermore opened the possibility to host malicious...

4.3CVSS5.3AI score0.00194EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/06 7:23 p.m.25 views

CVE-2026-25642 HedgeDoc security headers for uploaded files were not working

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.6, files served below the /uploads/ endpoint did not use a more strict security-policy. This resulted in a too open Content-Security-Policy and furthermore opened the possibility to host malicious...

4.3CVSS0.00194EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/02/06 7:23 p.m.6 views

CVE-2026-25642

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.6, files served below the /uploads/ endpoint did not use a more strict security-policy. This resulted in a too open Content-Security-Policy and furthermore opened the possibility to host malicious...

4.3CVSS5.4AI score0.00194EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/06 7:23 p.m.5 views

CVE-2026-25642 HedgeDoc security headers for uploaded files were not working

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.6, files served below the /uploads/ endpoint did not use a more strict security-policy. This resulted in a too open Content-Security-Policy and furthermore opened the possibility to host malicious...

4.3CVSS5.4AI score0.00194EPSS
Exploits0References4
OSV
OSV
added 2026/02/06 7:23 p.m.6 views

CVE-2026-25642 HedgeDoc security headers for uploaded files were not working

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.6, files served below the /uploads/ endpoint did not use a more strict security-policy. This resulted in a too open Content-Security-Policy and furthermore opened the possibility to host malicious...

4.3CVSS5.4AI score0.00194EPSS
Exploits0References6
CVE
CVE
added 2026/02/06 7:23 p.m.18 views

CVE-2026-25642

CVE-2026-25642 affects HedgeDoc; prior to version 1.10.6, the security policy for files served under /uploads/ was insufficient, resulting in a too open Content-Security-Policy and enabling hosting of malicious interactive content (e.g., fake login forms) via SVG files. The issue is fixed in 1.10...

6.1CVSS5.4AI score0.00194EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder