Known Vulnerabilities for products from Usememos

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Usememos".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2026-6634 json		Not Provided	2026-04-20	2026-04-20
CVE-2023-5036 json	Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.15.1.	8.8 - HIGH	2023-09-18	2023-09-19
CVE-2023-4698 json	Improper Input Validation in GitHub repository usememos/memos prior to 0.13.2.	7.5 - HIGH	2023-09-01	2023-09-01
CVE-2023-4697 json	Improper Privilege Management in GitHub repository usememos/memos prior to 0.13.2.	8.8 - HIGH	2023-09-01	2023-09-01
CVE-2023-4696 json	Improper Access Control in GitHub repository usememos/memos prior to 0.13.2.	9.8 - CRITICAL	2023-09-01	2023-09-01
CVE-2023-0112 json	Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.	5.4 - MEDIUM	2023-01-07	2023-01-12
CVE-2023-0111 json	Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.	5.4 - MEDIUM	2023-01-07	2023-01-12
CVE-2023-0110 json	Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.	5.4 - MEDIUM	2023-01-07	2023-01-12
CVE-2023-0108 json	Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.	5.4 - MEDIUM	2023-01-07	2023-01-12
CVE-2023-0107 json	Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.	5.4 - MEDIUM	2023-01-07	2023-01-12
CVE-2023-0106 json	Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.	5.4 - MEDIUM	2023-01-07	2023-01-12
CVE-2022-25978 json	All versions of the package github.com/usememos/memos/server are vulnerable to Cross-site Scripting (XSS) due to insufficient...	6.1 - MEDIUM	2023-02-15	2023-11-07
CVE-2022-4866 json	Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1.	9 - CRITICAL	2022-12-31	2023-01-06
CVE-2022-4865 json	Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1.	9 - CRITICAL	2022-12-31	2023-01-06
CVE-2022-4863 json	Improper Handling of Insufficient Permissions or Privileges in GitHub repository usememos/memos prior to 0.9.1.	6.5 - MEDIUM	2022-12-30	2023-01-10
CVE-2022-4851 json	Improper Handling of Values in GitHub repository usememos/memos prior to 0.9.1.	5.3 - MEDIUM	2022-12-29	2023-01-05
CVE-2022-4850 json	Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1.	6.5 - MEDIUM	2022-12-29	2023-01-05
CVE-2022-4849 json	Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1.	6.5 - MEDIUM	2022-12-29	2023-01-05
CVE-2022-4848 json	Improper Verification of Source of a Communication Channel in GitHub repository usememos/memos prior to 0.9.1.	5.7 - MEDIUM	2022-12-29	2023-01-05
CVE-2022-4847 json	Incorrectly Specified Destination in a Communication Channel in GitHub repository usememos/memos prior to 0.9.1.	6.5 - MEDIUM	2022-12-29	2023-01-05

Results limited to 20 most recent vulnerabilities