
7 matches found

EUVD
added 2025/10/03 8:7 p.m. · 1 view

EUVD-2024-3261

Malicious code in bioql PyPI...

9.6 CVSS · 6.5 AI score · 0.01727 EPSS
Exploits 1 · References 3

AlpineLinux
added 2025/02/07 10:23 p.m. · 1 view

CVE-2025-24028

Joplin is a free, open source note taking and to-do application, which can handle a large number of notes organised into notebooks. This vulnerability is caused by differences between how Joplin's HTML sanitizer handles comments and how the browser handles comments. This affects both the Rich Tex...

9.6 CVSS · 6.2 AI score · 0.00342 EPSS
Exploits 1

Positive Technologies
added 2025/02/07 12:0 a.m. · 2 views

PT-2025-6010 · Joplin · Joplin

Name of the Vulnerable Software and Affected Versions: Joplin versions prior to 3.2.12

Description: This issue is caused by differences between how Joplin's HTML sanitizer handles comments and how the browser handles comments, affecting both the Rich Text Editor and the Markdown viewer. However,...

9.6 CVSS · 5.8 AI score · 0.00342 EPSS
Exploits 1 · References 9

RedhatCVE
added 2025/02/05 5:40 a.m. · 3 views

CVE-2024-49362

Joplin is a free, open source note taking and to-do application. Joplin-desktop has a vulnerability that leads to remote code execution (RCE) when a user clicks on a link within untrusted notes. The issue arises due to insufficient sanitization of tag attributes introduced by the Mermaid. This...

9.6 CVSS · 7.8 AI score · 0.01727 EPSS
Exploits 1 · References 1

Cvelist
added 2024/11/14 5:37 p.m. · 26 views

CVE-2024-49362 Remote Code Execution on click of <a> Link in markdown preview

Joplin is a free, open source note taking and to-do application. Joplin-desktop has a vulnerability that leads to remote code execution (RCE) when a user clicks on a link within untrusted notes. The issue arises due to insufficient sanitization of tag attributes introduced by the Mermaid. This...

7.7 CVSS · 0.01727 EPSS
Exploits 1 · References 1

Positive Technologies
added 2024/06/21 12:0 a.m. · 1 view

PT-2024-13269 · Joplin · Joplin

Name of the Vulnerable Software and Affected Versions: Joplin versions prior to 2.13.3

Description: A remote code execution issue in Joplin allows arbitrary shell commands to be executed when a user clicks on a link in a PDF within an untrusted note. This occurs because Joplin desktop has not...

9 CVSS · 7.5 AI score · 0.02962 EPSS
Exploits 1 · References 6

CNNVD
added 2021/08/09 12:0 a.m. · 1 view

Jupyter Notebook cross-site scripting vulnerability

Jupyter Notebook is a suite of open source web applications for creating and sharing code and illustrative text documents. Jupyter Notebook suffers from a cross-site scripting vulnerability that stems from the fact that in the affected version, untrusted notes can execute code on load and Jupyter...

9.6 CVSS · 8.5 AI score · 0.0087 EPSS
Exploits 1 · References 4