VYPR

Wiki.js

by Wiki.js

CVEs (1)

  • CVE-2026-44224HigMay 12, 2026
    risk 0.57cvss 8.8epss 0.00

    Wiki.js is an open source wiki app built on Node.js. Prior to 2.5.313, the users.update GraphQL mutation accepts an arbitrary groups array and applies it directly to the database with no validation of the group IDs supplied. The resolver passes the caller's arguments straight to…