PT-2026-42225 · Unknown · Trilium Notes

Drkim-Dev · Published 2026-05-20 · Updated 2026-05-20 · CVE-2026-39311

CVSS v3.1: 6.8 (Medium)
Vector: AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:H
Name of the Vulnerable Software and Affected Versions: Trilium Notes versions prior to 0.102.2

Description: Trilium Notes contains a flaw where the lack of SVG sanitization, a disabled Content Security Policy (CSP), and a publicly reachable backend execution API together allow unauthenticated Remote Code Execution (RCE). The application serves SVG attachments with the image/svg+xml MIME type without sanitizing them and disables the Content Security Policy middleware, which removes the defenses against script execution in served assets. Because such an SVG is rendered within the application's own origin, the Same-Origin Policy permits script inside it to extract the csrfToken from the document body via a fetch('/') request. That token can then be used to send a signed request to the '/api/script/exec' endpoint, which executes arbitrary Node.js code on the server. An attacker can compromise the server instance by tricking an authenticated user into viewing a shared SVG attachment.

Recommendations: Update to version 0.102.2.
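As an added illustration of the defensive side of the description above (this is not Trilium's code and not the project's actual fix; all names are hypothetical), the following shows a coarse active-content check for user-supplied SVG attachments and the response headers a server can send so that an SVG served as image/svg+xml can neither run script nor act within the application's origin:

```javascript
// Added example, not Trilium's own code. Demonstrates two mitigations the
// advisory points at: (1) refuse to render SVGs that carry active content
// inline, and (2) send a CSP that blocks script and sandboxes the document.
// The regexes are a coarse first-line check, not a substitute for a real sanitizer.

const ACTIVE_SVG_PATTERNS = [
  { name: 'script element',     re: /<\s*script\b/i },                       // inline <script>
  { name: 'event handler attr', re: /\son[a-z]+\s*=/i },                     // onload=, onclick=, ...
  { name: 'javascript: URL',    re: /\bhref\s*=\s*["']?\s*javascript:/i },   // <a>/<use> href
  { name: 'foreignObject',      re: /<\s*foreignObject\b/i },                // embeds arbitrary HTML
  { name: 'SMIL animation',     re: /<\s*(set|animate)\b/i },                // can rewrite attributes at runtime
];

// Returns the names of the patterns that matched; an empty array means the SVG looks inert.
function findActiveContent(svgText) {
  return ACTIVE_SVG_PATTERNS.filter((p) => p.re.test(svgText)).map((p) => p.name);
}

// Headers to send with any user-supplied SVG. The CSP denies script, allows only
// inline styles (which many SVGs need), and the `sandbox` directive gives the
// document an opaque origin, so even if script ran it could not make same-origin
// requests such as fetch('/'). SVGs with active content are forced to download.
function svgResponseHeaders(svgText) {
  const findings = findActiveContent(svgText);
  return {
    'Content-Type': 'image/svg+xml',
    'X-Content-Type-Options': 'nosniff',
    'Content-Security-Policy': "default-src 'none'; style-src 'unsafe-inline'; sandbox",
    'Content-Disposition': findings.length === 0 ? 'inline' : 'attachment',
  };
}

// Constructed sample inputs (not real attachments): one inert drawing, one with a script element.
const BENIGN_SVG = '<svg xmlns="http://www.w3.org/2000/svg" width="10" height="10">' +
  '<circle cx="5" cy="5" r="4" fill="#09f"/></svg>';
const SCRIPTED_SVG = '<svg xmlns="http://www.w3.org/2000/svg">' +
  '<script>/* active content */</script><rect width="1" height="1"/></svg>';

console.log('benign:', findActiveContent(BENIGN_SVG), svgResponseHeaders(BENIGN_SVG)['Content-Disposition']);
console.log('scripted:', findActiveContent(SCRIPTED_SVG), svgResponseHeaders(SCRIPTED_SVG)['Content-Disposition']);
```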

Tags: Exploit · Fix · RCE · XSS · Code Injection

Related Identifiers: CVE-2026-39311

Affected Products: Trilium Notes