CVE-2026-42090 - Notesnook: RCE via stored XSS in note export rendering
CVE ID :CVE-2026-42090 Published : May 4, 2026, 5:16 p.m. | 53 minutes ago Description :Notesnook is a note-taking app focused on user privacy & ease of use. Prior to Notesnook Web/Desktop version 3.3.15 and prior to Notesnook iOS/Android version 3.3.20, a stored XSS vulnerability in the note
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Amazon SES increasingly abused in phishing to evade detection
- [CYBER] Trellix discloses data breach after source code repository hack
- [CYBER] Exploit Cyber-Frenzy Threatens Millions via Critical cPanel Vulnerability
- [CYBER] Hackers target governments and MSPs via critical cPanel flaw CVE-2026-41940
- [CYBER] Trellix confirms source code repo access incident
- [CYBER] Part 10 — Lessons learned building a Kubernetes Auth Gateway