Resource exhaustion in Hedgedoc
CVE-2026-58488
HedgeDoc is an open source, real-time, collaborative, markdown notes application. Versions prior to 1.11.0 allowed attackers to circumvent the rate-limiting of the /login and /register routes by spoofing IP addresses. HedgeDoc instances ch…
Affected products
- Hedgedoc — versions < 1.11.0
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)