31 matches found
CVE-2026-42254
Hickory DNS hickory-recursor 0.1 through 0.25.2 allows cross-zone poisoning because cached data is not directly associated with a query that triggered a response...
PT-2026-2917
AliasVault is a privacy-first password manager with built-in email aliasing. AliasVault Android versions 0.24.0 through 0.25.2 contained an issue in how passkey requests from Android apps were validated. Under certain local conditions, a malicious app could attempt to obtain a passkey response fo...
SUSE CVE-2025-65797
Incorrect access control in the Identity Provider service of usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete registered identity providers, leading to an account takeover or Denial of Service DoS...
SUSE CVE-2025-65798
Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete attachments made by other users...
CVE-2025-65796
Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily delete reactions made to other users' Memos...
CVE-2025-65799
A lack of file name validation or verification in the Attachment service of usememos memos v0.25.2 allows attackers to execute a path traversal...
CVE-2025-65795
Incorrect access control in the /api/v1/user endpoint of usememos memos v0.25.2 allows unauthorized attackers to create arbitrary accounts via a crafted request...
memos lacks file name validation or verification
A lack of file name validation or verification in the Attachment service of usememos memos v0.25.2 allows attackers to execute a path traversal...
GHSA-8P44-G572-557H memos vulnerability allows arbitrarily modification or deletion of attachments
Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete attachments made by other users...
EUVD-2025-201726
Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete attachments made by other users...
GHSA-8JCJ-G9F4-QX42 memos vulnerability allows arbitrarily reactions deletion
Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily delete reactions made to other users' Memos...
CVE-2025-65798
Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete attachments made by other users...
CVE-2025-65796
Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily delete reactions made to other users' Memos...
CVE-2025-65795
Incorrect access control in the /api/v1/user endpoint of usememos memos v0.25.2 allows unauthorized attackers to create arbitrary accounts via a crafted request...
CVE-2025-65799
The CVE-2025-65799 entry refers to usememos memos v0.25.2 lacking file name validation in the Attachment service, enabling path traversal. Affected component: github.com/usememos/memos/server/router/api/v1 (Attachment handling). Root cause: missing validation/verification of uploaded file names l...
PT-2025-49567
Name of the Vulnerable Software and Affected Versions usememos memos version 0.25.2 Description A flaw in access control within usememos memos allows attackers with limited privileges to improperly change or remove attachments uploaded by other users. The issue involves insufficient restrictions ...
CVE-2025-65799
A lack of file name validation or verification in the Attachment service of usememos memos v0.25.2 allows attackers to execute a path traversal...
Memos 安全漏洞
Memos is a Memos open source open source hosted meme center with knowledge management and social features. A security vulnerability exists in Memos version v0.25.2, which stems from a lack of filename validation in the attachment service and could lead to a path traversal attack...
Memos 安全漏洞
Memos is a Memos open source open source hosted meme center with knowledge management and social features. A security vulnerability exists in Memos version v0.25.2, which stems from improper access control and could allow a low-privileged attacker to modify or delete attachments from other users...
PT-2025-49565
Name of the Vulnerable Software and Affected Versions usememos memos version 0.25.2 Description An access control issue exists in usememos memos version 0.25.2. Attackers with limited privileges can delete reactions created by other users on Memos. The issue involves insufficient restrictions on...