Lucene search
+L

5 matches found

osv
osv
added 2026/06/25 10:34 p.m.4 views

GO-2026-5557 Note Mark: OIDC-registered users authenticated by submitting password "null" in github.com/enchant97/note-mark/backend

Note Mark: OIDC-registered users authenticated by submitting password "null" in github.com/enchant97/note-mark/backend...

9.4CVSS5.8AI score0.00296EPSS
Exploits0References4
osv
osv
added 2026/06/25 10:34 p.m.5 views

GO-2026-5530 Note Mark has Broken Access Control on Asset Download in github.com/enchant97/note-mark/backend

Note Mark has Broken Access Control on Asset Download in github.com/enchant97/note-mark/backend...

5.9CVSS5.8AI score0.00409EPSS
Exploits0References4
osv
osv
added 2026/06/25 6:43 p.m.6 views

GO-2026-5389 Note Mark: Arbitrary File Write via Path Traversal in Asset Names Leads to Remote Code Execution in github.com/enchant97/note-mark/backend

Note Mark: Arbitrary File Write via Path Traversal in Asset Names Leads to Remote Code Execution in github.com/enchant97/note-mark/backend...

8.6CVSS6AI score0.00495EPSS
Exploits0References3
osv
osv
added 2026/06/25 6:26 p.m.7 views

GO-2026-5085 Note Mark: Unauthenticated read of notes and assets in soft-deleted public books in github.com/enchant97/note-mark/backend

Note Mark: Unauthenticated read of notes and assets in soft-deleted public books in github.com/enchant97/note-mark/backend...

5.3CVSS5.8AI score0.00194EPSS
Exploits0References4
snyk
snyk
added 2026/05/14 9:25 p.m.9 views

Inadequate Encryption Strength

Overview Affected versions of this package are vulnerable to Inadequate Encryption Strength due to insufficient enforcement of length and entropy requirements for the JWTSECRET configuration value. An attacker can gain unauthorized access to user accounts by forging authentication tokens using we...

10CVSS5.8AI score0.00124EPSS
Exploits0References2
Rows per page
Query Builder