What is CVE-2026-22810?

CVE-2026-22810 is a high-severity vulnerability in Joplinapp Joplin, classified under CWE-24. CVSS score: 8.2/10. Published 2026-05-18.

How severe is CVE-2026-22810?

High severity. CVSS v3 base score is 8.2 out of 10.

Vulnerability in Joplinapp Joplin

CVE-2026-22810

Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions prior to 3.5.7 contain a path traversal vulnerability in the importer which allows overwriting arbitrary files on disk. The…

EPSS: 0.000 (0.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.2 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H.

Affected products

Weakness classification (CWE)

CWE-24

References

security-advisories@github.com (x_refsource_CONFIRM, Vendor Advisory)
security-advisories@github.com (x_refsource_MISC, Issue Tracking)
security-advisories@github.com (Patch, x_refsource_MISC)
security-advisories@github.com (Product, x_refsource_MISC)
security-advisories@github.com (Product, Patch, x_refsource_MISC)

Frequently asked questions

What is CVE-2026-22810?: CVE-2026-22810 is a high-severity vulnerability in Joplinapp Joplin, classified under CWE-24. CVSS score: 8.2/10. Published 2026-05-18.
How severe is CVE-2026-22810?: High severity. CVSS v3 base score is 8.2 out of 10.