XSS in Triliumnext Trilium
CVE-2026-45668
Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. Prior to 0.102.2, a malicious ZIP archive imported with safe import enabled achieves RCE via #docName path traversa…
Vulnerability class: Path Traversal (Directory Traversal)
EPSS: 0.000 (8.7th percentile) — read the EPSS interpretation.
Affected products
- Triliumnext Trilium — versions < 0.102.2
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)