VIR Vulnerability Intelligence Relay

Package impact

golang Go / github.com/usememos/memos

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-6634 medium 6.3 6.3 1mo ago Memos has an Incorrect Privilege Assignment issue golang
CVE-2025-65797 unknown 6mo ago memos vulnerability allows arbitrarily modification or deletion registered identity providers in github.com/usememos/memos golang
CVE-2025-65799 unknown 6mo ago memos lacks file name validation or verification in github.com/usememos/memos golang
CVE-2025-65795 unknown 6mo ago memos vulnerability allows the creation of arbitrary accounts in github.com/usememos/memos golang
CVE-2025-65798 unknown 6mo ago memos vulnerability allows arbitrarily modification or deletion of attachments in github.com/usememos/memos golang
CVE-2025-65796 unknown 6mo ago memos vulnerability allows arbitrarily reactions deletion in github.com/usememos/memos golang
CVE-2024-21635 unknown 6mo ago Memos' Access Tokens Stay Valid after User Password Change in github.com/usememos/memos golang
CVE-2025-56761 unknown 9mo ago Memos Vulnerable to Stored Cross-Site Scripting in github.com/usememos/memos golang
CVE-2025-56760 unknown 9mo ago Memos Vulnerable to Path Traversal via the CreateResource Endpoint in github.com/usememos/memos golang
CVE-2025-50738 unknown 10mo ago Memos has Cross-Site Scripting (XSS) Vulnerability in Image URLs in github.com/usememos/memos golang
CVE-2025-22952 unknown 1y ago Memos Server-Side Request Forgery (SSRF) in github.com/usememos/memos golang
CVE-2023-0109 unknown 2y ago Stored XSS using two files in usememos/memos in github.com/usememos/memos golang
CVE-2024-41659 unknown 2y ago memos CORS Misconfiguration in server.go (GHSL-2024-034) in github.com/usememos/memos golang
CVE-2024-29028 unknown 2y ago memos vulnerable to Server-Side Request Forgery in /o/get/httpmeta in github.com/usememos/memos golang
CVE-2024-29029 unknown 2y ago memos vulnerable to Server-Side Request Forgery and Cross-site Scripting in github.com/usememos/memos golang
CVE-2024-29030 unknown 2y ago memos vulnerable to Server-Side Request Forgery in /api/resource in github.com/usememos/memos golang
CVE-2023-5036 unknown 3y ago Cross-Site Request Forgery (CSRF) in usememos/memos in github.com/usememos/memos golang
CVE-2023-4696 unknown 3y ago Account TakeOver Due to Improper Handling of JWT Tokens in usememos/memos in github.com/usememos/memos golang
CVE-2023-4697 unknown 3y ago usememos/memos vulnerable to privilege escalation in github.com/usememos/memos golang
CVE-2023-4698 unknown 3y ago usememos/memos vulnerable to improper input validation golang
CVE-2022-25978 unknown 3y ago Cross site scripting in github.com/usememos/memos golang
CVE-2023-0106 unknown 3y ago usememos/memos vulnerable to stored Cross-site Scripting golang
CVE-2023-0107 unknown 3y ago usememos/memos vulnerable to stored Cross-site Scripting golang
CVE-2023-0111 unknown 3y ago usememos/memos vulnerable to stored Cross-site Scripting in github.com/usememos/memos golang
CVE-2023-0108 unknown 3y ago usememos/memos vulnerable to stored Cross-site Scripting in github.com/usememos/memos golang
CVE-2023-0110 unknown 3y ago usememos/memos vulnerable to stored Cross-site Scripting in github.com/usememos/memos golang
CVE-2023-0112 unknown 3y ago usememos/memos vulnerable to stored Cross-site Scripting in github.com/usememos/memos golang
CVE-2022-4866 unknown 3y ago usememos/memos vulnerable to Cross-site Scripting golang
CVE-2022-4865 unknown 3y ago usememos/memos Cross-site Scripting vulnerability golang
CVE-2022-4863 unknown 3y ago usememos/memos vulnerable to Improper Handling of Insufficient Permissions or Privileges in github.com/usememos/memos golang
CVE-2022-4850 unknown 4y ago usememos/memos Cross-Site Request Forgery vulnerability golang
CVE-2022-4844 unknown 4y ago usememos/memos Cross-Site Request Forgery vulnerability golang
CVE-2022-4841 unknown 4y ago usememos/memos vulnerable to stored Cross-site Scripting golang
CVE-2022-4848 unknown 4y ago usememos/memos vulnerable to Improper Verification of Source of a Communication Channel in github.com/usememos/memos golang
CVE-2022-4845 unknown 4y ago usememos/memos Cross-Site Request Forgery vulnerability in github.com/usememos/memos golang
CVE-2022-4846 unknown 4y ago usememos/memos Cross-Site Request Forgery vulnerability golang
CVE-2022-4839 unknown 4y ago usememos/memos vulnerable to stored Cross-site Scripting golang
CVE-2022-4849 unknown 4y ago usememos/memos Cross-Site Request Forgery vulnerability in github.com/usememos/memos golang
CVE-2022-4840 unknown 4y ago usememos/memos vulnerable to stored Cross-site Scripting golang
CVE-2022-4847 unknown 4y ago usememos/memos has Incorrectly Specified Destination in a Communication Channel in github.com/usememos/memos golang
CVE-2022-4851 unknown 4y ago sememos/memos vulnerable to Improper Handling of Values in github.com/usememos/memos golang
CVE-2022-4808 unknown 4y ago usememos/memos Improper Privilege Management vulnerability in github.com/usememos/memos golang
CVE-2022-4813 unknown 4y ago usememos/memos has Insufficient Granularity of Access Control in github.com/usememos/memos golang
CVE-2022-4814 unknown 4y ago usememos/memos Improper Access Control vulnerability in github.com/usememos/memos golang
CVE-2022-4809 unknown 4y ago usememos/memos Improper Access Control vulnerability in github.com/usememos/memos golang
CVE-2022-4807 unknown 4y ago usememos/memos Improper Access Control vulnerability in github.com/usememos/memos golang
CVE-2022-4812 unknown 4y ago usememos/memos vulnerable to Comparison of Object References Instead of Object Contents in github.com/usememos/memos golang
CVE-2022-4810 unknown 4y ago usememos/memos Improper Access Control vulnerability in github.com/usememos/memos golang
CVE-2022-4805 unknown 4y ago usememos/memos Incorrect Use of Privileged APIs vulnerability in github.com/usememos/memos golang
CVE-2022-4811 unknown 4y ago usememos/memos Improper Authorization vulnerability in github.com/usememos/memos golang
CVE-2022-4806 unknown 4y ago usememos/memos Improper Access Control vulnerability in github.com/usememos/memos golang
CVE-2022-4797 unknown 4y ago usememos/memos vulnerable Improper Restriction of Excessive Authentication Attempts in github.com/usememos/memos golang
CVE-2022-4803 unknown 4y ago usememos/memos Improper Access Control vulnerability in github.com/usememos/memos golang
CVE-2022-4796 unknown 4y ago usememos/memos makes Incorrect Use of Privileged APIs in github.com/usememos/memos golang
CVE-2022-4799 unknown 4y ago usememos/memos Improper Authentication vulnerability in github.com/usememos/memos golang
CVE-2022-4804 unknown 4y ago usememos/memos Improper Authorization vulnerability in github.com/usememos/memos golang
CVE-2022-4802 unknown 4y ago usememos/memos vulnerable to Improper Authorization in github.com/usememos/memos golang
CVE-2022-4801 unknown 4y ago usememos/memos has Insufficient Granularity of Access Control in github.com/usememos/memos golang
CVE-2022-4798 unknown 4y ago usememos/memos Improper Authorization vulnerability in github.com/usememos/memos golang
CVE-2022-4800 unknown 4y ago usememos/memos vulnerable to Improper Verification of Source of a Communication Channel in github.com/usememos/memos golang
CVE-2022-4734 unknown 4y ago usememos/memos may leak user information to an authenticated user in github.com/usememos/memos golang
CVE-2022-4691 unknown 4y ago usememos/memos vulnerable to stored Cross-site Scripting in github.com/usememos/memos golang
CVE-2022-4695 unknown 4y ago usememos/memos vulnerable to stored Cross-site Scripting golang
CVE-2022-4694 unknown 4y ago usememos/memos vulnerable to stored Cross-site Scripting golang
CVE-2022-4767 unknown 4y ago usememos/memos Denial of Service vulnerability in github.com/usememos/memos golang
CVE-2022-4692 unknown 4y ago usememos/memos vulnerable to stored Cross-site Scripting in github.com/usememos/memos golang
CVE-2022-4684 unknown 4y ago usememos/memos Improper Access Control vulnerability in github.com/usememos/memos golang
CVE-2022-4690 unknown 4y ago usememos/memos vulnerable to stored cross-site scripting (XSS) in github.com/usememos/memos golang
CVE-2022-4689 unknown 4y ago usememos/memos vulnerable to account takeover due to improper access control in github.com/usememos/memos golang
CVE-2022-4688 unknown 4y ago usememos/memos vulnerable to improper authorization in github.com/usememos/memos golang
CVE-2022-4683 unknown 4y ago usememos/memos missing Secure cookie attribute in github.com/usememos/memos golang
CVE-2022-4685 unknown 4y ago usememos/memos vulnerable to improper access control in github.com/usememos/memos golang
CVE-2022-4686 unknown 4y ago usememos/memos Authorization Bypass Through User-Controlled Key vulnerability in github.com/usememos/memos golang
CVE-2022-4687 unknown 4y ago usememos/memos makes Incorrect Use of Privileged APIs in github.com/usememos/memos golang
CVE-2022-4609 unknown 4y ago Memos Cross-site Scripting vulnerability golang