Browse all 5 CVE security advisories affecting streetwriters. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Streetwriters primarily develops web applications and content management systems, serving businesses needing customizable online platforms. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from insufficient input validation and access controls. Notable characteristics include inconsistent patch release cycles and limited security documentation. While no major public incidents have been widely reported, their CVE history suggests ongoing security challenges, particularly in user authentication and session management. The five documented vulnerabilities indicate a pattern of preventable issues that could expose systems to unauthorized access or data compromise.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-42090 | Notesnook: RCE via stored XSS in note export rendering — notesnookCWE-79 | 9.6 | Critical | 2026-05-04 |
| CVE-2026-33978 | Notesnook: Stored XSS in mobile share editor via unescaped web clip title metadata — notesnookCWE-79 | 5.4 | Medium | 2026-04-01 |
| CVE-2026-31876 | Notesnook has Stored XSS via unsanitized Twitter/X embed URL in editor (`tweetToEmbed`) — notesnookCWE-79 | 5.4 | Medium | 2026-03-11 |
This page lists every published CVE security advisory associated with streetwriters. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.