CVE-2026-23481

UNKNOWN 0.0

Blinko: Authenticated Arbitrary File Write - saveAdditionalDevFile

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

4th

Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is an authenticated arbitrary file write vulnerability in saveAdditionalDevFile. This issue has been patched in version 1.8.4.

CWE	CWE-22
Vendor	blinkospace
Product	blinko
Published	Mar 23, 2026
Last Updated	Mar 24, 2026

Stay Ahead of the Next One

Get instant alerts for blinkospace blinko

Be the first to know when new unknown vulnerabilities affecting blinkospace blinko are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

blinkospace / blinko

< 1.8.4

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/blinkospace/blinko/security/advisories/GHSA-38hg-8p2j-76g5 github.com: https://github.com/blinkospace/blinko/commit/02a4205f1ad22d0e78dc2ab2967b551d0dbd0a06 github.com: https://github.com/blinkospace/blinko/releases/tag/1.8.4