What the vulnerability does
01Description
Improper Access Control in GitHub repository usememos/memos prior to 0.9.0.
CVSS base score
7.6/10
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Key dates
02Disclosure timeline
December 23, 2022
CVE published
April 9, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-43409 Ghost's improper authentication allows access to member information and actions
CVE-2023-32285
CVE-2023-6073 DoS and Control of Volume Settings for VW ID.3 ICAS3 IVI ECU
CVE-2020-9754
CVE-2024-0766 Envo's Elementor Templates & Widgets for WooCommerce <= 1.4.4 - Missing Authorization via templates_ajax_request
