GHSA-92vj-g62v-jqhh: Hono has Body Limit Middleware Bypass

GHSA-q7pg-9pr4-mrp2: httpsig-rs: HMAC verification is vulnerable to timing attack

GHSA-wgpv-6j63-x5ph: Flowise Cloud and Local Deployments have Unauthenticated Password Reset Token Disclosure that Leads to Account Takeover

GHSA-vcqx-v2mg-7chx:  Neo4j Cypher MCP server is vulnerable to DNS rebinding 

GHSA-7vm2-j586-vcvc: SurrealDB is Vulnerable to Unauthorized Data Exposure via LIVE Query Subscriptions

In usememos/memos 0.9.0 and prior, an attacker can delete other users' posts via post id, which can be done via brute force.

**usememos/memos vulnerable Improper Restriction of Excessive Authentication Attempts**

High severity GitHub Reviewed Published Dec 28, 2022 • Updated Dec 30, 2022

Headline

GHSA-qrrf-xvcf-p64q: usememos/memos vulnerable Improper Restriction of Excessive Authentication Attempts

ghsa: Latest News