Skip to main content

Trilium Notes EUVDEUVD-2026-31156

| CVE-2026-39310 HIGH
Improper Access Control (CWE-284)
2026-05-20 GitHub_M
8.6
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
8.6 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
High
Availability
Low

Lifecycle Timeline

3
Patch available
May 20, 2026 - 20:02 EUVD
Source Code Evidence Fetched
May 20, 2026 - 20:01 vuln.today
Analysis Generated
May 20, 2026 - 20:01 vuln.today

DescriptionGitHub Advisory

Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Clipper API in Trilium Desktop (v0.101.3) allows full authentication bypass when running in an Electron environment. When Trilium detects an Electron environment, it explicitly disables authentication middleware for the Clipper API, exposing endpoints such as /api/clipper/notes to the network with no password, API token, or CSRF protection. An attacker on a shared network (for example, a corporate LAN or public Wi-Fi) can scan for open high-range ports using a tool like nmap, since Trilium often binds to ports such as 37840. Once a candidate port is found, an unauthenticated request to the Clipper handshake endpoint, which also bypasses authentication, confirms a Trilium instance by returning the application name and protocol version. This facilitates unauthorized data access, phishing, and local system compromise. The issue has been fixed in version 0.102.2.

AnalysisAI

Authentication bypass in Trilium Notes Desktop (Electron build) versions 0.102.1 and earlier allows remote unauthenticated attackers on the same network to access the Clipper API and read or manipulate notes without any credentials. The Electron runtime detection explicitly disables auth middleware on endpoints like /api/clipper/notes and the handshake endpoint, which fingerprints the application - no public exploit identified at time of analysis, but the vendor advisory GHSA-jcvx-vc83-cppw confirms the issue and the fix shipped in 0.102.2.

Technical ContextAI

Trilium Notes is a hierarchical personal knowledge base application built on Node.js with an Electron desktop wrapper (cpe:2.3:a:triliumnext:trilium). The Clipper API is a local HTTP service that normally accepts web-clipper browser-extension submissions; in the desktop build it binds to a high port (e.g. 37840) on all interfaces. The root cause maps to CWE-284 (Improper Access Control): runtime detection of the Electron environment branches around the authentication middleware entirely, so token, password, and CSRF checks are skipped for any caller - not just the local extension. Because the listener is reachable on the LAN rather than localhost-only, the bypass becomes network-exposed.

RemediationAI

Vendor-released patch: upgrade to Trilium 0.102.2 or later (https://github.com/TriliumNext/Trilium/releases/tag/v0.102.2), which restores authentication enforcement on the Clipper API under Electron and adds Electron fuses plus integrity checks per the release notes. If immediate upgrade is not possible, bind the desktop application to localhost only or block inbound TCP to the Clipper port (commonly 37840 and other high ports Trilium selects) at the host firewall - note this will break any LAN-based web-clipper extension workflow. Avoid running Trilium Desktop on untrusted networks (public Wi-Fi, conference networks, shared corporate LANs) until patched; the advisory at https://github.com/TriliumNext/Trilium/security/advisories/GHSA-jcvx-vc83-cppw should be consulted for full guidance.

Share

EUVD-2026-31156 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy