CVE-2026-23481

Name of the Vulnerable Software and Affected Versions Blinko versions prior to 1.8.4

Description Blinko is an AI-powered card note-taking project. A flaw exists in the saveAdditionalDevFile function that allows for authenticated arbitrary file writing. This means a user with valid credentials could potentially write files to the system.

Recommendations Update to version 1.8.4 or later.