CVE-2026-33146— Docmost's Public Share Search Exposes Metadata of Restricted Children
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-33146
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Docmost's Public Share Search Exposes Metadata of Restricted Children
Source: NVD (National Vulnerability Database)
Vulnerability Description
Docmost is open-source collaborative wiki and documentation software. An authorization bypass vulnerability in versions 0.70.0 through 0.70.2 exposes restricted child page titles and text snippets through the public search endpoint (`POST /api/search/share-search`) for publicly shared content. This flaw allows unauthenticated users to enumerate and retrieve content that should remain hidden from public share viewers, leading to a confidentiality breach. Version 0.70.3 contains a patch.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
授权机制不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
Docmost 授权问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Docmost是Docmost开源的一个开协作维基和文档软件。 Docmost 0.70.0至0.70.2版本存在授权问题漏洞,该漏洞源于授权绕过问题,可能导致未经身份验证的用户通过公共搜索端点枚举和检索应隐藏的内容,造成机密性破坏。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-33146
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-33146
Please Login to view more intelligence information
Same Patch Batch · docmost · 2026-04-14 · 4 CVEs total
| CVE-2026-34212 | 5.4 MEDIUM | Docmost page content has stored XSS via unsanitized attachment URLs |
| CVE-2026-34213 | 5.4 MEDIUM | Docmost has cross-page attachment overwrite via flawed attachmentId overwrite validation |
| CVE-2026-33193 | 4.6 MEDIUM | Docmost vulnerable to stored XSS via MIME type spoofing |
IV. Related Vulnerabilities
Same product: docmost
- CVE-2026-40927
Docmost: XSS in Comments with JavaScript URI - CVE-2026-34213
Docmost has cross-page attachment overwrite via flawed attac - CVE-2026-34212
Docmost page content has stored XSS via unsanitized attachme - CVE-2026-33193
Docmost vulnerable to stored XSS via MIME type spoofing - CVE-2026-24045
Docmost Affected by Stored XSS in Public Share Page
Same vendor: docmost
- CVE-2026-40927
Docmost: XSS in Comments with JavaScript URI - CVE-2026-34213
Docmost has cross-page attachment overwrite via flawed attac - CVE-2026-34212
Docmost page content has stored XSS via unsanitized attachme - CVE-2026-33193
Docmost vulnerable to stored XSS via MIME type spoofing - CVE-2026-24045
Docmost Affected by Stored XSS in Public Share Page
Same weakness: CWE-285
- CVE-2026-42202
nova-toggle-5: Improper authorization on toggle endpoint all - CVE-2026-33823
Microsoft Team Events Portal Information Disclosure Vulnerab - CVE-2026-41572
Note Mark: Unauthenticated read of notes and assets in soft- - CVE-2026-7713
crocodilestick Calibre-Web-Automated Kobo auth-token Route k - CVE-2026-7709
janeczku Calibre-Web Endpoint kobo_auth.py generate_auth_tok
V. Comments for CVE-2026-33146
No comments yet