Product
A low-privilege authenticated user can exploit CVE-2026-50553, a path traversal vulnerability in Note Mark versions up to v0.19.4, by crafting a malicious 'slug' parameter in API requests, leading to arbitrary file write outside the intended export directory when an administrator runs the 'migrate export' command, potentially allowing root-level privilege escalation and code execution.