Name: Docmost
Author: Docmost

🔍 What is Docmost?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2026-24045

HIGH CVSS 7.3 Feb 10, 2026

Docmost versions before 0.25.0 have a stored XSS vulnerability in public share pages where page titles aren't properly HTML-escaped before insertion into meta and title tags. This allows attackers to ...

CVE-2026-22249

HIGH CVSS 7.1 Jan 15, 2026

Docmost versions 0.21.0 through 0.23.x contain a ZipSlip vulnerability in the zip import feature that allows attackers to write arbitrary files to any location on the server filesystem. This occurs be...

CVE-2026-23630

MEDIUM CVSS 5.4 Jan 21, 2026

This stored XSS vulnerability in Docmost allows attackers to inject malicious Mermaid diagram code that executes arbitrary JavaScript when viewed. Any user who can create or edit content in affected v...