Resource exhaustion in Hedgedoc

CVE-2026-58488

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Versions prior to 1.11.0 allowed attackers to circumvent the rate-limiting of the /login and /register routes by spoofing IP addresses. HedgeDoc instances ch…

Affected products

Weakness classification (CWE)

References