Vulnerabilities > Notable > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-27 | CVE-2022-26198 | Unspecified vulnerability in Notable 1.8.4 Notable v1.8.4 does not filter text editing, allowing attackers to execute arbitrary code via a crafted payload injected into the Title text field. | 9.8 |
| 2020-12-10 | CVE-2020-16608 | Cross-site Scripting vulnerability in Notable 1.8.4 Notable 1.8.4 allows XSS via crafted Markdown text, with resultant remote code execution (because nodeIntegration in webPreferences is true). | 9.6 |