VYPR
Vendor

Inkdrop

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2023-44141HigOct 30, 2023
    risk 0.51cvss 7.8epss 0.00

    Inkdrop prior to v5.6.0 allows a local attacker to conduct a code injection attack by having a legitimate user open a specially crafted markdown file.

  • CVE-2021-20745HigJun 28, 2021
    risk 0.51cvss 7.8epss 0.01

    Inkdrop versions prior to v5.3.1 allows an attacker to execute arbitrary OS commands on the system where it runs by loading a file or code snippet containing an invalid iframe into Inkdrop.

  • CVE-2022-46603MedJan 9, 2023
    risk 0.40cvss 6.1epss 0.01

    An issue in Inkdrop v5.4.1 allows attackers to execute arbitrary commands via uploading a crafted markdown file.