PatchSiren

flatnotes CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

Review flatnotes CVE published 2026-06-15

CVE-2026-50873

CVE-2026-50873 is an arbitrary file upload vulnerability in the attachment handling component of flatnotes v5.5.4. This vulnerability allows attackers to execute arbitrary code by uploading a crafted HTML or SVG file.