CVE Catalog
CVE-2025-65796
MediumCVSS 4.3Exploitation Probability (EPSS)
Low risk0.20%
10th percentile - higher than 10% of all known CVEs
Summary
In usememos memos version 0.25.2, an incorrect access control allows attackers with low-level privileges to arbitrarily delete reactions made to other users' Memos.
Risk Assessment
The organization faces data integrity issues and potential disruption of social interactions, as an attacker can delete reactions without proper authorization.
Recommendation
Immediately update usememos memos to the latest patched version and review access control configurations.
Original NVD description (English source)
Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily delete reactions made to other users' Memos.

