In AFFiNE versions up to 0.26.3 a medium severity vulnerability CVE-2026-7702 was detected. This vulnerability allows remote attackers to bypass authorization and access document previews by manipulating the allowDocPreview function within the Public Markdown Preview Endpoint. Currently, there is no fix version for this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-7702.
Read more Communication and Collaboration