CVE-2026-40265 | enchant97 note-mark up to 0.19.1 Asset Download Endpoint assets authorization (GHSA-p5w6-75f9-cc2p)

A vulnerability classified as problematic has been found in enchant97 note-mark up to 0.19.1. This impacts an unknown function of the file /api/notes/{noteID}/assets/ of the component Asset Download Endpoint. Performing a manipulation results in missing authorization.

This vulnerability was named CVE-2026-40265. The attack may be initiated remotely. There is no available exploit.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More