Vulnerabilities

Report: - usememos UpdateInstanceSetting App.tsx memos_access_token improper authorization CVE-2026-6634

2026-04-20 0 views admin

CVE ID :CVE-2026-6634 Published : April 20, 2026, 12:16 p.m. | 35 minutes ago Description :A weakness has been identified in usememos memos up to 0.22.1. This affects the function memos_access_token of the file src/App.tsx of the component UpdateInstanceSetting. This manipulation of the argument additionalStyle/additionalScript causes improper authorization. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-6634

Severity

MEDIUM

Published

April 20, 2026

🏷️ Tags

reportusememosupdateinstancesettingmemos_access_tokenimproperauthorizationpublishedminutescvecve-2026-6634

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: - usememos UpdateInstanceSetting App.tsx memos_access_token improper authorization CVE-2026-6634

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: Latest: CVE-2026-6648 - Qibo CMS Internal Message cross site scripting

Report: CVE-2026-34429 - Vvveb < 1.0.8.1 Stored XSS via Media Upload and Rename

Report: CVE-2026-34427 - Vvveb < 1.0.8.1 Privilege Escalation via admin/user/save

Report: - Vvveb < 1.0.8.1 SSRF via oEmbedProxy CVE-2026-34428

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting