Known Vulnerabilities for Memos by Usememos
Listed below are 10 of the newest known vulnerabilities associated with "Memos" by "Usememos".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-30586 json | Cross Site Scripting vulnerability in usememos Memos v.0.26.0 allows a remote attacker to obtain sensitive information via th... | Not Provided | 2026-06-02 | 2026-06-03 |
| CVE-2026-6634 json | A weakness has been identified in usememos memos up to 0.22.1. This affects the function memos_access_token of the file src/A... | Not Provided | 2026-04-20 | 2026-04-20 |
| CVE-2025-65799 json | A lack of file name validation or verification in the Attachment service of usememos memos v0.25.2 allows attackers to execut... | Not Provided | 2025-12-08 | 2026-07-05 |
| CVE-2025-65798 json | Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete... | Not Provided | 2025-12-08 | 2026-07-05 |
| CVE-2025-65797 json | Incorrect access control in the Identity Provider service of usememos memos v0.25.2 allows attackers with low-level privilege... | Not Provided | 2025-12-08 | 2026-07-05 |
| CVE-2025-65796 json | Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily delete reactions... | Not Provided | 2025-12-08 | 2026-07-05 |
| CVE-2025-65795 json | Incorrect access control in the /api/v1/user endpoint of usememos memos v0.25.2 allows unauthorized attackers to create arbit... | Not Provided | 2025-12-08 | 2026-07-05 |
| CVE-2025-58242 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vadim Bogaiskov Bg Chur... | Not Provided | 2025-09-22 | 2026-04-23 |
| CVE-2023-5036 json | Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.15.1. | 8.8 - HIGH | 2023-09-18 | 2023-09-19 |
| CVE-2023-4698 json | Improper Input Validation in GitHub repository usememos/memos prior to 0.13.2. | 7.5 - HIGH | 2023-09-01 | 2023-09-01 |