Vulnerabilities

CVE-2026-23485

by Fred · 23/03/2026

Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, the filePath parameter accepts path traversal sequences, allowing enumeration of file existence on the server via different error responses. This issue has been patched in version 1.8.4.

More information : https://github.com/blinkospace/blinko/commit/9d6fa80a3e11a99886f90e048657443335fd3e7d

Similar

Tags: Cybersecurity Alert