CVE-2025-65798
MediumCVSS 5.4Exploitation Probability (EPSS)
Low risk8th percentile - higher than 8% of all known CVEs
Summary
In usememos memos version 0.25.2, incorrect access control allows attackers with low-level privileges to arbitrarily modify or delete attachments created by other users.
Risk Assessment
The organization faces data integrity loss and potential confidentiality breaches, as attackers can manipulate other users' attachments, potentially leading to leakage or destruction of important information.
Recommendation
Immediately update usememos memos to the latest version containing a fix for this vulnerability, and review and adjust access permissions for attachments.
Original NVD description (English source)
Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete attachments made by other users.

