Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:11 p.m.5 views

CVE-2026-23481

Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is an authenticated arbitrary file write vulnerability in saveAdditionalDevFile. This issue has been patched in version 1.8.4...

6.5CVSS5.8AI score0.00375EPSS
Exploits0References1
CVE
CVE
added 2026/03/23 8:50 p.m.9 views

CVE-2026-23485

Blinko, a AI-powered card note-taking project , has a path-traversal vulnerability in the filePath parameter prior to version 1.8.4 , enabling enumeration of server files via differing error responses. The issue is patched in version 1.8.4 ; upgrade to 1.8.4 or later to mitigate.

6.9CVSS5.8AI score0.00302EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/03/23 8:39 p.m.6 views

EUVD-2026-14529

Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is a privilege escalation vulnerability. The upsertUser endpoint has 3 issues: it is missing superAdminAuthMiddleware, any logged-in user can call it; the originalPassword is an optional parameter and if not provided...

5.3CVSS5.8AI score0.00343EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/23 8:33 p.m.2 views

CVE-2026-23481

Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is an authenticated arbitrary file write vulnerability in saveAdditionalDevFile. This issue has been patched in version 1.8.4...

5.3CVSS5.8AI score0.00375EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.7 views

PT-2026-27203

Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is a privilege escalation vulnerability. The upsertUser endpoint has 3 issues: it is missing superAdminAuthMiddleware, any logged-in user can call it; the originalPassword is an optional parameter and if not provided...

5.3CVSS5.8AI score0.00343EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.3 views

PT-2026-27204

Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is an authenticated arbitrary file write vulnerability in saveAdditionalDevFile. This issue has been patched in version 1.8.4...

5.3CVSS5.8AI score0.00375EPSS
Exploits0References4
Rows per page
Query Builder