Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L
Lifecycle Timeline
3DescriptionGitHub Advisory
Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Clipper API in Trilium Desktop (v0.101.3) allows full authentication bypass when running in an Electron environment. When Trilium detects an Electron environment, it explicitly disables authentication middleware for the Clipper API, exposing endpoints such as /api/clipper/notes to the network with no password, API token, or CSRF protection. An attacker on a shared network (for example, a corporate LAN or public Wi-Fi) can scan for open high-range ports using a tool like nmap, since Trilium often binds to ports such as 37840. Once a candidate port is found, an unauthenticated request to the Clipper handshake endpoint, which also bypasses authentication, confirms a Trilium instance by returning the application name and protocol version. This facilitates unauthorized data access, phishing, and local system compromise. The issue has been fixed in version 0.102.2.
AnalysisAI
Authentication bypass in Trilium Notes Desktop (Electron build) versions 0.102.1 and earlier allows remote unauthenticated attackers on the same network to access the Clipper API and read or manipulate notes without any credentials. The Electron runtime detection explicitly disables auth middleware on endpoints like /api/clipper/notes and the handshake endpoint, which fingerprints the application - no public exploit identified at time of analysis, but the vendor advisory GHSA-jcvx-vc83-cppw confirms the issue and the fix shipped in 0.102.2.
Technical ContextAI
Trilium Notes is a hierarchical personal knowledge base application built on Node.js with an Electron desktop wrapper (cpe:2.3:a:triliumnext:trilium). The Clipper API is a local HTTP service that normally accepts web-clipper browser-extension submissions; in the desktop build it binds to a high port (e.g. 37840) on all interfaces. The root cause maps to CWE-284 (Improper Access Control): runtime detection of the Electron environment branches around the authentication middleware entirely, so token, password, and CSRF checks are skipped for any caller - not just the local extension. Because the listener is reachable on the LAN rather than localhost-only, the bypass becomes network-exposed.
RemediationAI
Vendor-released patch: upgrade to Trilium 0.102.2 or later (https://github.com/TriliumNext/Trilium/releases/tag/v0.102.2), which restores authentication enforcement on the Clipper API under Electron and adds Electron fuses plus integrity checks per the release notes. If immediate upgrade is not possible, bind the desktop application to localhost only or block inbound TCP to the Clipper port (commonly 37840 and other high ports Trilium selects) at the host firewall - note this will break any LAN-based web-clipper extension workflow. Avoid running Trilium Desktop on untrusted networks (public Wi-Fi, conference networks, shared corporate LANs) until patched; the advisory at https://github.com/TriliumNext/Trilium/security/advisories/GHSA-jcvx-vc83-cppw should be consulted for full guidance.
Trilium Notes is an open-source, cross-platform hierarchical note taking application with focus on building large person
Cross-site Scripting (XSS) - Reflected in GitHub repository zadam/trilium prior to 0.52.4, 0.53.1-beta. Rated medium sev
Cross-site Scripting (XSS) - Stored in GitHub repository zadam/trilium prior to 0.59.4. Rated medium severity (CVSS 5.4)
Cross-site Scripting (XSS) - Stored in GitHub repository zadam/trilium prior to 0.53.3. Rated medium severity (CVSS 5.4)
Remote code execution in TriliumNext Trilium Notes desktop client prior to 0.102.2 allows attackers to achieve arbitrary
Same weakness CWE-284 – Improper Access Control
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-31156