What the vulnerability does
01Description
Improper Access Control in GitHub repository usememos/memos prior to 0.9.1.
CVSS base score
6.3/10
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Key dates
02Disclosure timeline
December 28, 2022
CVE published
April 10, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-27891 On affected platforms running Arista EOS with MACsec and egress ACLs configured on the same interfaces, the ACL policies may not be enforced for packets egressing on those ports.
CVE-2020-7278 McAfee firewall rules not enforced correctly
CVE-2022-39915
CVE-2026-41277 Flowise: Mass Assignment in DocumentStore Create Endpoint Leads to Cross-Workspace Object Takeover (IDOR)
CVE-2022-34431
