CVE-2026-23482

Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, the file server endpoint does not perform permission checks on the temp/ path and does not filter path traversal sequences, allowing unauthorized attackers to read arbitrary files on the server. When scheduled backup tasks...

PT-2025-6212 · Softwarex · Softwarex

Name of the Vulnerable Software and Affected Versions: SoftwareX versions 1.8.0 through 1.8.3 SoftwareX versions prior to 1.8.0 Description: The issue allows restricted information to be viewed through the main text, a feature introduced in version 1.8.0. This affects the frame publishing functio...