CVE-2026-30586 | THREATINT

Description

Cross Site Scripting vulnerability in usememos Memos v.0.26.0 allows a remote attacker to obtain sensitive information via the SANITIZE_SCHEMA, Memo Rendering Component, and Public/Private Memo View pages

PUBLISHED Reserved 2026-03-04 | Published 2026-06-02 | Updated 2026-06-03 | Assigner mitre

References

gist.github.com/gabdevele/1dd393955d3ca7d937776fdca9412f0c exploit

github.com/...5a/web/src/components/MemoContent/constants.ts

gist.github.com/gabdevele/1dd393955d3ca7d937776fdca9412f0c

cve.org (CVE-2026-30586)

nvd.nist.gov (CVE-2026-30586)

Download JSON