Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

505 matches found

EUVD
EUVDadded 2 days ago5 views

EUVD-2026-34018

Cross Site Scripting vulnerability in usememos Memos v.0.26.0 allows a remote attacker to obtain sensitive information via the SANITIZESCHEMA, Memo Rendering Component, and Public/Private Memo View pages...

5.8AI score0.00053EPSS
Exploits0References3
NVD
NVDadded 2 days ago9 views

CVE-2026-30586

Cross Site Scripting vulnerability in usememos Memos v.0.26.0 allows a remote attacker to obtain sensitive information via the SANITIZESCHEMA, Memo Rendering Component, and Public/Private Memo View pages...

6.1CVSS0.00053EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2 days ago6 views

PT-2026-45825

Cross Site Scripting vulnerability in usememos Memos v.0.26.0 allows a remote attacker to obtain sensitive information via the SANITIZE SCHEMA, Memo Rendering Component, and Public/Private Memo View pages...

5.8AI score0.00053EPSS
Exploits0References3
CVE
CVEadded 2 days ago7 views

CVE-2026-30586

This CVE concerns Cross Site Scripting in the open-source project usememos Memos v0.26.0. The vulnerability affects the memo rendering path and related views (SANITIZE_SCHEMA, Memo Rendering Component, and Public/Private Memo View pages). Root cause details are not explicitly provided beyond the ...

6.1CVSS5.8AI score0.00053EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2 days ago2 views

CVE-2026-30586

Cross Site Scripting vulnerability in usememos Memos v.0.26.0 allows a remote attacker to obtain sensitive information via the SANITIZESCHEMA, Memo Rendering Component, and Public/Private Memo View pages...

5.8AI score0.00053EPSS
Exploits0References3
Cvelist
Cvelistadded 2 days ago23 views

CVE-2026-30586

Cross Site Scripting vulnerability in usememos Memos v.0.26.0 allows a remote attacker to obtain sensitive information via the SANITIZESCHEMA, Memo Rendering Component, and Public/Private Memo View pages...

0.00053EPSS
Exploits0References2
EUVD
EUVDadded 2026/04/20 12:32 p.m.1 views

EUVD-2026-23838

A weakness has been identified in usememos memos up to 0.22.1. This affects the function memosaccesstoken of the file src/App.tsx of the component UpdateInstanceSetting. This manipulation of the argument additionalStyle/additionalScript causes improper authorization. The attack is possible to be...

6.5CVSS6.2AI score0.00014EPSS
Exploits0References5
NVD
NVDadded 2026/04/20 12:16 p.m.3 views

CVE-2026-6634

A weakness has been identified in usememos memos up to 0.22.1. This affects the function memosaccesstoken of the file src/App.tsx of the component UpdateInstanceSetting. This manipulation of the argument additionalStyle/additionalScript causes improper authorization. The attack is possible to be...

6.5CVSS0.00014EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/04/20 11:30 a.m.27 views

CVE-2026-6634 usememos UpdateInstanceSetting App.tsx memos_access_token improper authorization

A weakness has been identified in usememos memos up to 0.22.1. This affects the function memosaccesstoken of the file src/App.tsx of the component UpdateInstanceSetting. This manipulation of the argument additionalStyle/additionalScript causes improper authorization. The attack is possible to be...

6.5CVSS0.00014EPSS
Exploits0References4
CVE
CVEadded 2026/04/20 11:30 a.m.11 views

CVE-2026-6634

UseMemoS memos up to 0.22.1 has a vulnerability in the UpdateInstanceSetting component, specifically the memos_access_token function in src/App.tsx. The issue stems from manipulation of the additionalStyle/additionalScript arguments, leading to improper authorization. Exploitation is possible rem...

6.5CVSS6.2AI score0.00014EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/04/20 11:30 a.m.3 views

CVE-2026-6634 usememos UpdateInstanceSetting App.tsx memos_access_token improper authorization

A weakness has been identified in usememos memos up to 0.22.1. This affects the function memosaccesstoken of the file src/App.tsx of the component UpdateInstanceSetting. This manipulation of the argument additionalStyle/additionalScript causes improper authorization. The attack is possible to be...

6.5CVSS6.2AI score0.00014EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/04/20 12:0 a.m.1 views

PT-2026-33756

A weakness has been identified in usememos memos up to 0.22.1. This affects the function memos access token of the file src/App.tsx of the component UpdateInstanceSetting. This manipulation of the argument additionalStyle/additionalScript causes improper authorization. The attack is possible to b...

6.5CVSS6.2AI score0.00014EPSS
Exploits0References5
SUSE CVE
SUSE CVEadded 2026/01/06 12:25 a.m.4 views

SUSE CVE-2025-65795

Incorrect access control in the /api/v1/user endpoint of usememos memos v0.25.2 allows unauthorized attackers to create arbitrary accounts via a crafted request...

7.5CVSS6.9AI score0.00056EPSS
Exploits1References2
SUSE CVE
SUSE CVEadded 2026/01/06 12:25 a.m.4 views

SUSE CVE-2025-65796

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily delete reactions made to other users' Memos...

4.3CVSS7AI score0.00042EPSS
Exploits1References2
SUSE CVE
SUSE CVEadded 2026/01/06 12:25 a.m.2 views

SUSE CVE-2025-65797

Incorrect access control in the Identity Provider service of usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete registered identity providers, leading to an account takeover or Denial of Service DoS...

6.5CVSS6.9AI score0.00129EPSS
Exploits1References2
SUSE CVE
SUSE CVEadded 2026/01/06 12:25 a.m.2 views

SUSE CVE-2025-65798

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete attachments made by other users...

5.4CVSS6.9AI score0.00042EPSS
Exploits1References2
OSV
OSVadded 2025/12/15 7:37 p.m.3 views

GO-2025-4217 memos vulnerability allows the creation of arbitrary accounts in github.com/usememos/memos

memos vulnerability allows the creation of arbitrary accounts in github.com/usememos/memos...

7.5CVSS6.9AI score0.00056EPSS
Exploits1References7
OSV
OSVadded 2025/12/15 7:37 p.m.1 views

GO-2025-4215 memos vulnerability allows arbitrarily reactions deletion in github.com/usememos/memos

memos vulnerability allows arbitrarily reactions deletion in github.com/usememos/memos...

4.3CVSS6.8AI score0.00042EPSS
Exploits1References7
RedhatCVE
RedhatCVEadded 2025/12/09 12:11 a.m.1 views

CVE-2025-65796

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily delete reactions made to other users' Memos...

4.3CVSS6.9AI score0.00042EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/12/09 12:11 a.m.1 views

CVE-2025-65799

A lack of file name validation or verification in the Attachment service of usememos memos v0.25.2 allows attackers to execute a path traversal...

4.3CVSS7.1AI score0.00046EPSS
Exploits1References1
Rows per page
Query Builder