CVE-2026-33955
- EPSS 0.05%
- Veröffentlicht 27.03.2026 21:27:31
- Zuletzt bearbeitet 02.04.2026 14:16:30
Notesnook is a note-taking app. Prior to version 3.3.11 on Web/Desktop, a cross-site scripting vulnerability stored in the note history comparison viewer can escalate to remote code execution in a desktop application. The issue is triggered when an a...
CVE-2026-33976
- EPSS 0.14%
- Veröffentlicht 27.03.2026 21:26:10
- Zuletzt bearbeitet 31.03.2026 18:21:36
Notesnook is a note-taking app. Prior to version 3.3.11 on Web/Desktop and 3.3.17 on Android/iOS, a stored XSS in the Web Clipper rendering flow can be escalated to remote code execution in the desktop app. The root cause is that the clipper preserve...
CVE-2026-31876
- EPSS 0.04%
- Veröffentlicht 11.03.2026 18:17:08
- Zuletzt bearbeitet 17.03.2026 15:59:17
Notesnook is a note-taking app focused on user privacy & ease of use. Prior to 3.3.9, a Stored Cross-Site Scripting (XSS) vulnerability existed in Notesnook's editor embed component when rendering Twitter/X embed URLs. The tweetToEmbed() function in ...