cbcvebase.

Usememos Memos vulnerabilities

73 known vulnerabilities affecting usememos/memos.

Total CVEs
73
CISA KEV
0
Public exploits
5
Exploited in wild
4
Severity breakdown
CRITICAL6HIGH16MEDIUM51

Vulnerabilities

Page 4 of 4
CVE-2022-4692P4MEDIUMCVSS 5.4fixed in 0.9.02022-12-23
CVE-2022-4692 [MEDIUM] CWE-79 CVE-2022-4692: Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0. Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0.
nvd
CVE-2022-4694P4MEDIUMCVSS 5.4fixed in 0.9.02022-12-27
CVE-2022-4694 [MEDIUM] CWE-79 CVE-2022-4694: Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0. Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0.
nvd
CVE-2022-4804P4MEDIUMCVSS 5.3fixed in 0.9.12022-12-28
CVE-2022-4804 [MEDIUM] CWE-285 CVE-2022-4804: Improper Authorization in GitHub repository usememos/memos prior to 0.9.1. Improper Authorization in GitHub repository usememos/memos prior to 0.9.1.
nvd
CVE-2022-4851P4MEDIUMCVSS 5.3fixed in 0.9.12022-12-29
CVE-2022-4851 [MEDIUM] CWE-229 CVE-2022-4851: Improper Handling of Values in GitHub repository usememos/memos prior to 0.9.1. Improper Handling of Values in GitHub repository usememos/memos prior to 0.9.1.
nvd
CVE-2025-65796P4MEDIUMCVSS 4.3v0.25.22025-12-08
CVE-2025-65796 [MEDIUM] CWE-284 CVE-2025-65796: Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arb Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily delete reactions made to other users' Memos.
nvd
CVE-2022-4807P4MEDIUMCVSS 4.3fixed in 0.9.12022-12-28
CVE-2022-4807 [MEDIUM] CWE-284 CVE-2022-4807: Improper Access Control in GitHub repository usememos/memos prior to 0.9.1. Improper Access Control in GitHub repository usememos/memos prior to 0.9.1.
nvd
CVE-2022-4814P4MEDIUMCVSS 4.3fixed in 0.9.12022-12-28
CVE-2022-4814 [MEDIUM] CWE-284 CVE-2022-4814: Improper Access Control in GitHub repository usememos/memos prior to 0.9.1. Improper Access Control in GitHub repository usememos/memos prior to 0.9.1.
nvd
CVE-2022-4813P4MEDIUMCVSS 4.3fixed in 0.9.12022-12-28
CVE-2022-4813 [MEDIUM] CWE-1220 CVE-2022-4813: Insufficient Granularity of Access Control in GitHub repository usememos/memos prior to 0.9.1. Insufficient Granularity of Access Control in GitHub repository usememos/memos prior to 0.9.1.
nvd
CVE-2022-4810P4MEDIUMCVSS 4.3fixed in 0.9.12022-12-28
CVE-2022-4810 [MEDIUM] CWE-284 CVE-2022-4810: Improper Access Control in GitHub repository usememos/memos prior to 0.9.1. Improper Access Control in GitHub repository usememos/memos prior to 0.9.1.
nvd
CVE-2022-4797P4MEDIUMCVSS 4.3fixed in 0.9.12022-12-28
CVE-2022-4797 [MEDIUM] CWE-307 CVE-2022-4797: Improper Restriction of Excessive Authentication Attempts in GitHub repository usememos/memos prior Improper Restriction of Excessive Authentication Attempts in GitHub repository usememos/memos prior to 0.9.1.
nvd
CVE-2022-4805P4MEDIUMCVSS 4.3fixed in 0.9.12022-12-28
CVE-2022-4805 [MEDIUM] CWE-648 CVE-2022-4805: Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.1. Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.1.
nvd
CVE-2022-4734P4MEDIUMCVSS 4.3fixed in 0.9.12022-12-27
CVE-2022-4734 [MEDIUM] CWE-212 CVE-2022-4734: Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository usememos/m Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository usememos/memos prior to 0.9.1.
nvd
CVE-2022-4845P4MEDIUMCVSS 4.3fixed in 0.9.12022-12-29
CVE-2022-4845 [MEDIUM] CWE-352 CVE-2022-4845: Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1. Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1.
nvd
Usememos Memos vulnerabilities | cvebase