VIR Vulnerability Intelligence Relay

Package impact

golang Go / github.com/enchant97/note-mark/backend

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-44523 critical 10.0 10.0 14d ago Note Mark has a JWT Secret Weakness that allows Full Account Takeover via Token Forgery golang
CVE-2026-41571 critical 9.4 9.4 24d ago Note Mark: OIDC-registered users authenticated by submitting password "null" golang
CVE-2026-41572 medium 5.3 5.3 24d ago Note Mark: Unauthenticated read of notes and assets in soft-deleted public books golang