github.com/usememos/memos
govv0.27.0Open-source, self-hosted note-taking tool built for quick capture. Markdown-native, lightweight, and fully yours.
License MITpermissive91 versions359 maintainers0 deps59,054 weekly dl
usememos/memos83
/ 100
Health
update required
github.com/usememos/[email protected] has vulnerabilities — update to latest
Update to >= 0.10.4-0.20230211093429-b11d2130a084 to fix known vulnerabilities
- 1 high severity vulnerabilities
Health breakdown0 – 100
25/25
maintenance
10/20
popularity
18/25
security
15/15
maturity
15/15
community
Vulnerabilities
7
1 high1 medium5 low
Advisories (7)
| Severity | ID | Summary | Fixed in |
|---|---|---|---|
| high | CVE-2023-4698 | usememos/memos vulnerable to improper input validation | — |
| medium | CVE-2022-25978 | Cross Site Scripting in usememos/memos | 0.10.4-0.20230211093429-b11d2130a084 |
| unknown | CVE-2022-25978 | Cross site scripting in github.com/usememos/memos | 0.10.4-0.20230211093429-b11d2130a084 |
| unknown | CVE-2025-22952 | Memos Server-Side Request Forgery (SSRF) in github.com/usememos/memos | — |
| unknown | CVE-2025-56760 | Memos Vulnerable to Path Traversal via the CreateResource Endpoint in github.com/usememos/memos | — |
| unknown | CVE-2025-56761 | Memos Vulnerable to Stored Cross-Site Scripting in github.com/usememos/memos | — |
| unknown | CVE-2024-21635 | Memos' Access Tokens Stay Valid after User Password Change in github.com/usememos/memos | — |
Maintainer trust
Active maintainers (3m)
1
Contributors (12m)
0
Primary author dominance
0%
GitHub stars
59,093
single active maintainer 3m
Health History
Dependency Tree
License Audit
API access
Get this data programmatically — free, no authentication.
curl https://depscope.dev/api/check/go/github.com/usememos/memosLast updated · 2026-04-18T20:02:50Z