Skip to main content

vnote EUVDEUVD-2026-43246

| CVE-2026-15505 LOW
Cross-site Scripting (XSS) (CWE-79)
2026-07-12 VulDB GHSA-q2vg-w96j-jgp7
2.0
CVSS 4.0 · Vendor: VulDB

Severity by source

Vendor (VulDB) PRIMARY
2.0 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
5.4 MEDIUM

Network-delivered XSS via shared note requires low privileges to craft and deliver, user interaction to render, scope change to browser context, with low confidentiality and integrity impact.

3.1 AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
4.0 AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (VulDB).

CVSS VectorVendor: VulDB

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
P
Scope
X

Lifecycle Timeline

3
Severity Changed
Jul 12, 2026 - 20:22 NVD
MEDIUM LOW
CVSS changed
Jul 12, 2026 - 20:22 NVD
5.1 (MEDIUM) 2.0 (LOW)
Analysis Generated
Jul 12, 2026 - 19:46 vuln.today

DescriptionCVE.org

A weakness has been identified in vnotex vnote up to 3.20.1. Impacted is an unknown function of the file /src/data/extra/web/js/markdownit.js of the component YAML Frontmatter. This manipulation of the argument p_metaData causes cross site scripting. The attack may be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Cross-site scripting in vnotex vnote up to version 3.20.1 allows a remote attacker with low-level privileges to inject malicious scripts via the YAML frontmatter p_metaData argument processed by /src/data/extra/web/js/markdownit.js. When a victim views or renders a specially crafted note containing malicious YAML metadata, the injected script executes in their browser context, enabling limited integrity manipulation. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Attacker crafts malicious YAML frontmatter note
Delivery
Delivers note to victim via share or file transfer
Exploit
Victim opens note in vnote
Execution
markdownit.js parses unsanitized p_metaData
Persist
Injected script executes in embedded web renderer
Impact
Attacker achieves integrity manipulation in victim browser context

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to have the ability to create or deliver a crafted Markdown note to the victim - either through a shared notebook, file share, or direct file transfer - giving the attack a PR:L (low-privilege) baseline: the attacker does not need admin rights but must have some write or delivery capability. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 score of 5.1 (Medium) with vector AV:N/AC:L/AT:N/PR:L/UI:P reflects a meaningful but constrained risk profile. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with access to a shared note repository or collaboration workspace crafts a vnote Markdown file containing a malicious JavaScript payload embedded in the YAML frontmatter metadata block. When a co-user or victim opens the note within vnote's embedded web renderer, the markdownit.js parser processes the unsanitized `p_metaData` value and the injected script executes in the browser context. …
Remediation No vendor-released patch has been identified at time of analysis; the vendor did not respond to responsible disclosure contact. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-43246 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy