We’re taking on a small number of new builds and rebuilds this quarter. Book a call to see if your project is a fit.

CVE CVE-2025-65796

CVE-2025-65796

React

Severity: MEDIUM
CVSS: 4.3CVSS
Published: 2025-12-08
Last modified: 2025-12-09
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
CWE: CWE-284

Description

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily delete reactions made to other users' Memos.

References

http://memos.com
http://usememos.com
https://github.com/usememos/memos/pull/5217
https://herolab.usd.de/security-advisories/usd-2025-0060/

Summary

Description

References