All 4 CVE vulnerabilities found in note-mark, with AI-generated Chinese analysis, references, and POCs.
Vendor: enchant97
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-40265 | Note Mark has Broken Access Control on Asset Download CWE-862 | 5.9 | Medium | 2026-04-16 |
| CVE-2026-40263 | Note Mark: Username Enumeration via Login Endpoint Timing Side-Channel CWE-208 | 3.7 | Low | 2026-04-16 |
| CVE-2026-40262 | Note Mark has Stored XSS via Unrestricted Asset Upload CWE-79 | 8.7 | High | 2026-04-16 |
| CVE-2024-41819 | Note Mark has a stored XSS in the note link href attribute CWE-79 | 8.7 | High | 2024-07-29 |
All 4 known CVE vulnerabilities affecting note-mark with full Chinese analysis, references, and POCs where available.