CNNVD-202512-894 Information
Dec 08, 2025
cve
CNNVD ID
CNNVD-202512-894
Related CVE
- CNNVD Published: 2025-12-08
Description (Chinese)
Memos是Memos开源的一个具有知识管理和社交功能的开源自托管备忘录中心。 Memos v0.25.2版本存在安全漏洞,该漏洞源于附件服务缺少文件名验证,可能导致路径遍历攻击。
Description (English)
Memos is an open-source Memos centre with knowledge management and socialization functions. There is a security loophole in version Memos v. 0.25.2, which stems from the lack of document identification for attachment services, which could lead to a routing attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Memos
Published
2025-12-08
Last Modified
2026-02-24
References
http://memos.com http://usememos.com https://github.com/usememos/memos/pull/5218 https://herolab.usd.de/security-advisories/usd-2025-0056/ https://access.redhat.com/security/cve/cve-2025-65799
Patch
https://github.com/usememos/memos/releases
Share on: