CVE-2026-39310 | TriliumNext Trilium up to 0.102.1 Clipper API /api/clipper/notes access control

Inserito da Angelo Barbosa | Mag 20, 2026 | CVE

A vulnerability labeled as critical has been found in TriliumNext Trilium up to 0.102.1. Affected by this issue is some unknown functionality of the file /api/clipper/notes of the component Clipper API. Executing a manipulation can lead to improper access controls.

This vulnerability appears as CVE-2026-39310. The attacker needs to be present on the local network. There is no available exploit.

The affected component should be upgraded.

CVE-2026-39310 | TriliumNext Trilium up to 0.102.1 Clipper API /api/clipper/notes access control

Post correlati

CVE-2026-39817 | cmd-go up to 1.25.9/1.26.2 on Go Archive path traversal

CVE-2024-0466 | code-projects Employee Profile Management System 1.0 file_table.php per_id sql injection

CVE-2026-34730 | copier-org copier up to 9.14.0 YAML File Parser _external_data path traversal (GHSA-hgjq-p8cr-gg4h)

CVE-2024-39703 | ThreatQuotient ThreatQ Platform up to 5.29.2 API Endpoint command injection (icsa-24-352-01)