Vulnerabilidades en TriliumNext
7 resultadosCVE-2026-35593MEDIUMTrilium Notes has Local File Inclusion via upload modified file API endpointEPSS 0.6%CVE-2025-68621HIGHTrilium Notes has a Timing Attack Vulnerability in /api/login/syncEPSS 0.5%CVE-2026-39310HIGHTrilium Notes: Authentication Bypass in Clipper API for Electron (Desktop) BuildsEPSS 0.4%CVE-2025-53544HIGHTrilium Notes is Vulnerable to Brute-force Protection Bypass via Initial Sync Seed RetrievalEPSS 0.3%CVE-2026-39311MEDIUMTrilium Notes: Stored XSS Leads to Unauthorized Remote Code Execution (RCE) via Unsanitized SVG AttachmentsEPSS 0.3%CVE-2026-39309MEDIUMTrilium Notes: macOS TCC Bypass via Prompt SpoofingEPSS 0.2%CVE-2026-45668CRITICALTrilium Notes : Note Import to RCE via #docName Path Traversal (Safe Import Enabled)EPSS 0.2%