CVE-2026-23481

Published: Mar 23, 2026

Modified: Mar 24, 2026

PUBLISHED

Description

Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is an authenticated arbitrary file write vulnerability in saveAdditionalDevFile. This issue has been patched in version 1.8.4.

Vendor	Product	Versions
blinkospace	blinko	affected `< 1.8.4`

Weaknesses (CWE)

CWE-22

References

https://github.com/blinkospace/blinko/security/advisories/GHSA-38hg-8p2j-76g5

x_refsource_CONFIRM

https://github.com/blinkospace/blinko/commit/02a4205f1ad22d0e78dc2ab2967b551d0dbd0a06

x_refsource_MISC

https://github.com/blinkospace/blinko/releases/tag/1.8.4

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-23481

Description

Affected Products

Weaknesses (CWE)

References