Known Vulnerabilities for Notes by Hcltech
Listed below are 10 of the newest known vulnerabilities associated with "Notes" by "Hcltech".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-44365 json | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-34429. Reason: This candidate is a dupli... | Not Provided | 2026-05-07 | 2026-05-07 |
| CVE-2026-42564 json | jotty·page is a self-hosted app for your checklists and notes. Prior to 1.22.0, an unauthenticated path traversal vulnerabil... | Not Provided | 2026-05-11 | 2026-05-11 |
| CVE-2026-42291 json | SysReptor is a fully customizable pentest reporting platform. From version 2026.4 to before version 2026.27, the endpoints fo... | Not Provided | 2026-05-08 | 2026-05-08 |
| CVE-2026-41572 json | Note Mark is an open-source note-taking application. Prior to version 0.19.3, after a note-mark owner soft-deletes a public b... | Not Provided | 2026-05-04 | 2026-05-04 |
| CVE-2026-40581 json | ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the family record deletion endpoint (Select... | Not Provided | 2026-04-18 | 2026-04-20 |
| CVE-2026-40265 json | Note Mark is an open-source note-taking application. In versions 0.19.1 and prior, the asset download endpoint at /api/notes/... | Not Provided | 2026-04-17 | 2026-04-16 |
| CVE-2026-39323 json | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-39326. Reason: This candidate is a dupli... | Not Provided | 2026-04-07 | 2026-04-09 |
| CVE-2026-39317 json | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-39334. Reason: This candidate is a dupli... | Not Provided | 2026-04-07 | 2026-04-09 |
| CVE-2026-38568 json | HireFlow v1.2 is vulnerable to Incorrect Access Control. The application does not enforce object-level authorization on the /... | Not Provided | 2026-05-11 | 2026-05-11 |
| CVE-2026-35578 json | Rejected reason: This CVE is a duplicate of another CVE.** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026... | Not Provided | 2026-04-07 | 2026-04-13 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Hcltech | Notes | 9.0.1 | |||
| Application | Hcltech | Notes | 9.0.1 | |||
| Application | Hcltech | Notes | 9.0.1 | |||
| Application | Hcltech | Notes | 9.0.1 | |||
| Application | Hcltech | Notes | 9.0.1 | |||
| Application | Hcltech | Notes | 9.0.1 | |||
| Application | Hcltech | Notes | 9.0.1 | |||
| Application | Hcltech | Notes | 9.0.1 | |||
| Application | Hcltech | Notes | 9.0.1 | |||
| Application | Hcltech | Notes | 9.0.1 | |||
| Application | Hcltech | Notes | 9.0.1 | |||
| Application | Hcltech | Notes | 9.0.1 | |||
| Application | Hcltech | Notes | 9.0.1 | |||
| Application | Hcltech | Notes | 9.0.1 | |||
| Application | Hcltech | Notes | 9.0.1 | |||
| Application | Hcltech | Notes | 9.0.1 | |||
| Application | Hcltech | Notes | 9.0.1 | |||
| Application | Hcltech | Notes | 9.0.1 | |||
| Application | Hcltech | Notes | 9.0.1 | |||
| Application | Hcltech | Notes | 9.0.1 |