VYPR
High severity8.8NVD Advisory· Published Apr 15, 2022· Updated Jun 17, 2026

CVE-2022-29281

CVE-2022-29281

Description

Notable before 1.9.0-beta.8 doesn't effectively prevent the opening of executable files when clicking on a link. There is improper validation of the file URI scheme. A hyperlink to an SMB share could lead to execution of an arbitrary program (or theft of NTLM credentials via an SMB relay attack, because the application resolves UNC paths).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Notable/Notabledescription
  • notable/Notablellm-fuzzy
    Range: <1.9.0-beta.8

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.