CNNVD-202512-891 Information
Dec 08, 2025
cve
CNNVD ID
CNNVD-202512-891
Related CVE
- CNNVD Published: 2025-12-08
Description (Chinese)
Memos是Memos开源的一个具有知识管理和社交功能的开源自托管备忘录中心。 Memos v0.25.2版本存在安全漏洞,该漏洞源于/api/v1/user端点访问控制不当,可能导致未授权创建任意账户。
Description (English)
Memos is an open-source Memos centre with knowledge management and socialization functions. Release Memos v. 0.25.2 contains a security loophole that stems from inadequate access controls at the /api/v1/user endpoint, which may lead to unauthorized creation of arbitrary accounts.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Memos
Published
2025-12-08
Last Modified
2026-02-24
References
http://memos.com http://usememos.com https://github.com/usememos/memos/pull/5217 https://herolab.usd.de/usd-2025-0058/ https://access.redhat.com/security/cve/cve-2025-65795
Patch
https://github.com/usememos/memos/releases
Share on: