Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2026-23486 PoC — Blinko 信息泄露漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2026/CVE-2026-23486.yaml
Associated Vulnerability
Title:Blinko 信息泄露漏洞 (CVE-2026-23486)
Description:Blinko是Blinko开源的一款基于人工智能的卡片式笔记应用,专为想要快速捕捉和整理转瞬即逝的灵感的用户而设计。 Blinko 1.8.4之前版本存在信息泄露漏洞,该漏洞源于一个可公开访问的端点暴露所有用户信息。
Description
Blinko <= 1.8.4 contains an information disclosure caused by a publicly accessible endpoint exposing user information including usernames, roles, and account creation dates, letting remote attackers access sensitive user data, exploit requires no special privileges.
File Snapshot

 id: CVE-2026-23486

info:
  name: Blinko <= 1.8.3 - User Information Leak
  author: 0x_Akoko
  sever

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.