{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23481", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-01-13T15:47:41.627Z", "datePublished": "2026-03-23T20:33:32.754Z", "dateUpdated": "2026-03-24T18:45:57.927Z"}, "containers": {"cna": {"title": "Blinko: Authenticated Arbitrary File Write - saveAdditionalDevFile", "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "lang": "en", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/blinkospace/blinko/security/advisories/GHSA-38hg-8p2j-76g5", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/blinkospace/blinko/security/advisories/GHSA-38hg-8p2j-76g5"}, {"name": "https://github.com/blinkospace/blinko/commit/02a4205f1ad22d0e78dc2ab2967b551d0dbd0a06", "tags": ["x_refsource_MISC"], "url": "https://github.com/blinkospace/blinko/commit/02a4205f1ad22d0e78dc2ab2967b551d0dbd0a06"}, {"name": "https://github.com/blinkospace/blinko/releases/tag/1.8.4", "tags": ["x_refsource_MISC"], "url": "https://github.com/blinkospace/blinko/releases/tag/1.8.4"}], "affected": [{"vendor": "blinkospace", "product": "blinko", "versions": [{"version": "< 1.8.4", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-23T20:33:32.754Z"}, "descriptions": [{"lang": "en", "value": "Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is an authenticated arbitrary file write vulnerability in saveAdditionalDevFile. This issue has been patched in version 1.8.4."}], "source": {"advisory": "GHSA-38hg-8p2j-76g5", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-24T18:45:35.521223Z", "id": "CVE-2026-23481", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-24T18:45:57.927Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-23481", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-24T18:45:35.521223Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-24T18:45:53.918Z"}}], "cna": {"title": "Blinko: Authenticated Arbitrary File Write - saveAdditionalDevFile", "source": {"advisory": "GHSA-38hg-8p2j-76g5", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE"}}], "affected": [{"vendor": "blinkospace", "product": "blinko", "versions": [{"status": "affected", "version": "< 1.8.4"}]}], "references": [{"url": "https://github.com/blinkospace/blinko/security/advisories/GHSA-38hg-8p2j-76g5", "name": "https://github.com/blinkospace/blinko/security/advisories/GHSA-38hg-8p2j-76g5", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/blinkospace/blinko/commit/02a4205f1ad22d0e78dc2ab2967b551d0dbd0a06", "name": "https://github.com/blinkospace/blinko/commit/02a4205f1ad22d0e78dc2ab2967b551d0dbd0a06", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/blinkospace/blinko/releases/tag/1.8.4", "name": "https://github.com/blinkospace/blinko/releases/tag/1.8.4", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is an authenticated arbitrary file write vulnerability in saveAdditionalDevFile. This issue has been patched in version 1.8.4."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-23T20:33:32.754Z"}}}, "cveMetadata": {"cveId": "CVE-2026-23481", "state": "PUBLISHED", "dateUpdated": "2026-03-24T18:45:57.927Z", "dateReserved": "2026-01-13T15:47:41.627Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-23T20:33:32.754Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:blinko:blinko:*:*:*:*:*:*:*:*", "matchCriteriaId": "31941A3D-C688-40DF-AA55-1AF9056275D0", "versionEndExcluding": "1.8.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is an authenticated arbitrary file write vulnerability in saveAdditionalDevFile. This issue has been patched in version 1.8.4."}, {"lang": "es", "value": "Blinko es un proyecto de toma de notas en tarjetas impulsado por IA. Antes de la versi\u00f3n 1.8.4, existe una vulnerabilidad de escritura arbitraria de archivos autenticada en saveAdditionalDevFile. Este problema ha sido parcheado en la versi\u00f3n 1.8.4."}], "id": "CVE-2026-23481", "lastModified": "2026-03-24T18:50:03.907", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-23T21:17:02.100", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/blinkospace/blinko/commit/02a4205f1ad22d0e78dc2ab2967b551d0dbd0a06"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/blinkospace/blinko/releases/tag/1.8.4"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/blinkospace/blinko/security/advisories/GHSA-38hg-8p2j-76g5"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.8.4)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "blinko", "source": "cna", "vendor": "blinkospace"}, "product": "blinko", "vendor": "blinkospace"}], "analysis": {"en": {"generated_at": "2026-03-24T20:44:19.778365+00:00", "value": {"mitigation_remediation": ["Apply Blinko version 1.8.4 or later, which contains the fix for the saveAdditionalDevFile file\u2011write issue."], "summary": {"action": "Patch", "impact": "Authenticated arbitrary file write"}, "threat_synthesis": {"affected_systems": "Blinko, provided by blinkospace, affected in all releases prior to version 1.8.4. Any deployment using an earlier version is vulnerable.", "description_and_impact": "The flaw resides in the Blinko component saveAdditionalDevFile, permitting an authenticated user to write files to arbitrary paths. This can lead to the overwriting or creation of files that the application depends on, potentially disrupting functionality or providing a foothold for further malicious actions. The weakness is a classic absolute path traversal (CWE\u201122).", "risk_and_exploitability": "The vulnerability scores a CVSS of 5.3, indicating moderate severity. The EPSS score is below 1\u202f%, suggesting a low likelihood of exploitation in the wild, and it is not listed in the CISA KEV catalog. Exploitation requires the attacker to be authenticated within the Blinko environment; no public exploit has been disclosed. Attackers with legitimate access could craft file names that redirect writes to critical locations, thereby degrading data integrity or enabling persistence."}}}}, "created": "2026-03-24T10:32:52.187275+00:00", "updated": "2026-03-25T20:36:41.282027+00:00", "vendors": ["blinkospace", "blinkospace$PRODUCT$blinko"]}