CVE-2026-39310 – Trilium

CVSS 8.6 IMPORTANT

“Access control gaps in note platforms can expose private knowledge and raise attacker privileges fast.”

TriliumNext released a patch for CVE-2026-39310, a high-severity vulnerability affecting Trilium with a CVSS score of 8.6.

The vulnerability involves improper access control and missing authentication checks that could allow privilege escalation in affected Trilium environments. Public proof-of-concept code is available. The update strengthens authorization controls and reduces the risk of unauthorized access to protected notes and application functions.

Key Details

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
CWE Classification: CWE-284