โ† Back to Dashboard

CVE-2026-28201

HIGH NVD
CVSS Score
7.8
Severity
HIGH
Source
NVD
Published
May 07, 2026
Description

An improper input validation, together with an overly permissive default CORS configuration in Open Notebook v1.8.1 allows remote attacker to trick a legitimate user to alter or delete arbitrary database entries via specially crafted malicious URL. Depending on the deployment, data exfiltration is also possible.

View Full Details โ† Back