CVE-2026-42090
- EPSS 0.48%
- Veröffentlicht 04.05.2026 16:43:07
- Zuletzt bearbeitet 12.05.2026 18:45:43
Notesnook is a note-taking app focused on user privacy & ease of use. Prior to Notesnook Web/Desktop version 3.3.15 and prior to Notesnook iOS/Android version 3.3.20, a stored XSS vulnerability in the note export flow can be escalated to remote code ...
CVE-2026-33978
- EPSS 0.29%
- Veröffentlicht 01.04.2026 16:11:56
- Zuletzt bearbeitet 21.04.2026 00:12:14
Notesnook is a note-taking app focused on user privacy & ease of use. Prior to version 3.3.17, a stored XSS vulnerability exists in the mobile share / web clip flow because attacker-controlled clip metadata is concatenated into HTML without escaping ...
CVE-2026-33976
- EPSS 0.71%
- Veröffentlicht 27.03.2026 21:26:10
- Zuletzt bearbeitet 31.03.2026 18:21:36
Notesnook is a note-taking app. Prior to version 3.3.11 on Web/Desktop and 3.3.17 on Android/iOS, a stored XSS in the Web Clipper rendering flow can be escalated to remote code execution in the desktop app. The root cause is that the clipper preserve...
CVE-2026-31876
- EPSS 0.17%
- Veröffentlicht 11.03.2026 18:17:08
- Zuletzt bearbeitet 17.03.2026 15:59:17
Notesnook is a note-taking app focused on user privacy & ease of use. Prior to 3.3.9, a Stored Cross-Site Scripting (XSS) vulnerability existed in Notesnook's editor embed component when rendering Twitter/X embed URLs. The tweetToEmbed() function in ...