CVE-2026-41572 | enchant97 note-mark up to 0.19.2 Asset Endpoint /api/notes/ improper authorization (GHSA-3gr9-485j-v4xf)

A vulnerability classified as critical has been found in enchant97 note-mark up to 0.19.2. Affected by this vulnerability is an unknown functionality of the file /api/notes/ of the component Asset Endpoint. The manipulation leads to improper authorization.

This vulnerability is documented as CVE-2026-41572. The attack can be initiated remotely. There is not any exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More