Security: streetwriters/notesnook
Security
No security policy detected
This project has not set up a SECURITY.md file yet.
Report a vulnerability-
Stored XSS in mobile share editor via unescaped web clip title metadataGHSA-f27j-fqc6-v7pm published
Mar 28, 2026 by thecodrrModerate -
RCE via stored XSS in Web Clipper renderingGHSA-f42f-phvp-43x5 published
Mar 25, 2026 by thecodrrCritical -
RCE via stored XSS in Note History diff viewerGHSA-45g3-cv93-q59v published
Mar 25, 2026 by thecodrrHigh -
Stored XSS via unsanitized Twitter/X embed URL in editor (`tweetToEmbed`)GHSA-jprx-2w2h-4rh5 published
Mar 11, 2026 by thecodrrModerate
Learn more about advisories related to streetwriters/notesnook in the GitHub Advisory Database