VYPR
Critical severity9.6OSV Advisory· Published Oct 9, 2025· Updated Apr 15, 2026

CVE-2025-56683

CVE-2025-56683

Description

A cross-site scripting (XSS) vulnerability in the component /app/marketplace.html of Logseq v0.10.9 allows attackers to execute arbitrary code via injecting arbitrary Javascript into a crafted README.md file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Logseq/LogseqOSV2 versions
    0.0.1-10, 0.0.1-100, 0.0.1-11, …+ 1 more
    • (no CPE)range: 0.0.1-10, 0.0.1-100, 0.0.1-11, …
    • (no CPE)range: =0.10.9

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.