📦

docs

Vendor: lasuite

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 2 Total Indexed

Avg. EPSS 0.73% Exploit Prob.

Latest CVE CVE-2026-22867 Jan 15

Security Vulnerability Index

Page 1 / 1

8.7 CVSS

CVE-2026-22867

LaSuite Doc is a collaborative note taking, wiki and documentation platform. From 3.8.0 to 4.3.0, a Stored Cross-Site Scripting (XSS) vulnerability exists in the Interlinking feature. When a user creates a link to another document within the editor, the URL of that link is not validated. An attacker with document editing privileges can inject a malicious javascript: URL that executes arbitrary code when other users click on the link. This vulnerability is fixed in 4.4.0.

EPSS: 0.06%

Severity: HIGH

Jan 15, 2026

7.5 CVSS

CVE-2025-56230

Tencent Docs Desktop 3.9.20 and earlier suffers from Missing SSL Certificate Validation in the update component.

EPSS: 0.04%

Severity: HIGH

Nov 04, 2025

9.8 CVSS

CVE-2020-35467

The Docker Docs Docker image through 2020-12-14 contains a blank password for the root user. Systems deployed using affected versions of the Docker Docs container may allow a remote attacker to achieve root access with a blank password.

EPSS: 2.08%

Severity: CRITICAL

Dec 15, 2020

Displaying 3 of 2 Total Entries

Total 1 Sections