CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-22952

elestio memos v0.23.0 is vulnerable to Server-Side Request Forgery (SSRF) due to insufficient validation of user-supplied URLs, which can be exploited to perform SSRF attacks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.202

EPSS Ranking 95.2%

CVSS Severity

CVSS v3 Score 9.8

References

https://elest.io/open-source/memos
https://github.com/usememos/memos
https://github.com/usememos/memos/issues/4413
https://github.com/usememos/memos/pull/4428
https://github.com/usememos/memos/issues/4413

Products affected by CVE-2025-22952

Usememos » Memos » Version: 0.23.0

cpe:2.3:a:usememos:memos:0.23.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-22952

Products

Pricing

Contact Us