CVE-2026-35593: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in TriliumNext Trilium
Trilium Notes is an open-source, cross-platform hierarchical note taking application for building large personal knowledge bases. Versions 0.102.1 and prior are vulnerable to Local File Inclusion, allowing an authenticated attacker to read sensitive arbitrary files from the server's filesystem. The uploadModifiedFileToAttachment function, which is called when a POST request is received to /api/attachments/{attachmentId}/upload-modified-file, replaces the content of the attachment with the content from another file (whose path is provided in filePath of Request body). After which the content of the attachment can be viewed at /api/attachments/{attachmentId}/download. This exposes sensitive system files such as SSH keys, credentials, configs, and OS files, potentially leading to remote code execution and compromise of co-hosted applications. This issue has been fixed in version 0.102.2.
AI Analysis
Technical Summary
CVE-2026-35593 is a path traversal vulnerability (CWE-22) in Trilium Notes (versions prior to 0.102.2) that enables authenticated users to perform local file inclusion via the uploadModifiedFileToAttachment function. By sending a specially crafted POST request to /api/attachments/{attachmentId}/upload-modified-file with a filePath parameter, an attacker can overwrite an attachment's content with arbitrary files from the server. This allows reading sensitive system files and potentially leads to remote code execution and compromise of co-hosted applications. The vulnerability has been addressed in version 0.102.2.
Potential Impact
An authenticated attacker can read arbitrary files on the server hosting Trilium Notes, including sensitive files like SSH keys and credentials. This exposure can lead to further attacks such as remote code execution and compromise of other applications on the same host. The CVSS score is 6.8 (medium severity), reflecting network attack vector, low attack complexity, required privileges, no user interaction, and high confidentiality impact.
Mitigation Recommendations
Upgrade Trilium Notes to version 0.102.2 or later, where this vulnerability is fixed. No other mitigation is indicated or required according to the available data.
CVE-2026-35593: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in TriliumNext Trilium
Description
Trilium Notes is an open-source, cross-platform hierarchical note taking application for building large personal knowledge bases. Versions 0.102.1 and prior are vulnerable to Local File Inclusion, allowing an authenticated attacker to read sensitive arbitrary files from the server's filesystem. The uploadModifiedFileToAttachment function, which is called when a POST request is received to /api/attachments/{attachmentId}/upload-modified-file, replaces the content of the attachment with the content from another file (whose path is provided in filePath of Request body). After which the content of the attachment can be viewed at /api/attachments/{attachmentId}/download. This exposes sensitive system files such as SSH keys, credentials, configs, and OS files, potentially leading to remote code execution and compromise of co-hosted applications. This issue has been fixed in version 0.102.2.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-35593 is a path traversal vulnerability (CWE-22) in Trilium Notes (versions prior to 0.102.2) that enables authenticated users to perform local file inclusion via the uploadModifiedFileToAttachment function. By sending a specially crafted POST request to /api/attachments/{attachmentId}/upload-modified-file with a filePath parameter, an attacker can overwrite an attachment's content with arbitrary files from the server. This allows reading sensitive system files and potentially leads to remote code execution and compromise of co-hosted applications. The vulnerability has been addressed in version 0.102.2.
Potential Impact
An authenticated attacker can read arbitrary files on the server hosting Trilium Notes, including sensitive files like SSH keys and credentials. This exposure can lead to further attacks such as remote code execution and compromise of other applications on the same host. The CVSS score is 6.8 (medium severity), reflecting network attack vector, low attack complexity, required privileges, no user interaction, and high confidentiality impact.
Mitigation Recommendations
Upgrade Trilium Notes to version 0.102.2 or later, where this vulnerability is fixed. No other mitigation is indicated or required according to the available data.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-04-03T21:25:12.161Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a0cf6e2ba1db47362fb1b4e
Added to database: 5/19/2026, 11:48:50 PM
Last enriched: 5/20/2026, 12:03:34 AM
Last updated: 5/20/2026, 2:35:11 PM
Views: 7
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.