A vulnerability marked as problematic has been reported in streetwriters Notesnook Web and Notesnook Desktop up to 3.3.10. This affects an unknown function. This manipulation causes cross site scripting.
This vulnerability appears as CVE-2026-33955. The attack requires local access. There is no available exploit.
It is suggested to upgrade the affected component.
