Threat Advisory

Note Mark Vulnerabilities Uncover Sensitive Details and Repository Risks

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT
Criticality: High
[subscribe_to_unlock_form]

EXECUTIVE SUMMARY:

Two vulnerabilities have been identified in Note Mark, including an unauthenticated information disclosure issue and a path traversal vulnerability. The first flaw allows unauthenticated attackers to access metadata of soft-deleted notes from public books by abusing the deleted=true parameter, bypassing intended deletion restrictions. The second vulnerability exists due to improper validation of book and note slug values, allowing attackers to inject path traversal sequences that can escape the intended export directory during migration operations, potentially leading to arbitrary file creation and privilege escalation when exports are executed with elevated permissions.

CVE-2026-50554 (CVSS 5.3 — Medium): An unauthenticated attacker can disclose soft-deleted note metadata via a public book with deleted=true.[/subscribe_to_unlock_form]

EXECUTIVE SUMMARY:

Two vulnerabilities have been identified in Note Mark, including an unauthenticated information disclosure issue and a path traversal vulnerability. The first flaw allows unauthenticated attackers to access metadata of soft-deleted notes from public books by abusing the deleted=true parameter, bypassing intended deletion restrictions. The second vulnerability exists due to improper validation of book and note slug values, allowing attackers to inject path traversal sequences that can escape the intended export directory during migration operations, potentially leading to arbitrary file creation and privilege escalation when exports are executed with elevated permissions.

CVE-2026-50554 (CVSS 5.3 — Medium): An unauthenticated attacker can disclose soft-deleted note metadata via a public book with deleted=true.[emaillocker id="1283"]

CVE-2026-50553 (CVSS 8.6 — High): A path traversal vulnerability in Note Mark's migration export functionality allows attackers to access sibling directories due to unsanitized book and note slug values.

RECOMMENDATION:

We strongly recommend you update github.com/enchant97/note-mark/backend to below version: • CVE-2026-50554: https://github.com/advisories/GHSA-588f-fvcv-xhvf • CVE-2026-50553: https://github.com/advisories/GHSA-rqrh-8wpv-x7hh

REFERENCES:

The following reports contain further technical details:

[/emaillocker]
crossmenu