CVE-2025-57798
Denial of Service in Joplin via Long Title Input
Publication date: 2026-05-19
Last updated on: 2026-05-20
Assigner: GitHub, Inc.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| laurent | app | up to 3.7.1 (exclusive) |
| laurent | app | joplin |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-770 | The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
Can you explain this vulnerability to me?
This vulnerability exists in Joplin, an open source note-taking application, specifically in versions 3.6.14 and earlier. It is a Denial of Service (DoS) flaw caused by improper length validation in the note title input functionality.
An attacker can exploit this by inserting an excessively long string into a note's title, which causes the application to attempt to allocate an unbounded amount of memory, leading to an Out Of Memory (OOM) error and program termination.
There are two main ways to exploit this: directly through the user interface by typing or pasting a very long string into the title field, or programmatically via the local web service API if the attacker has compromised the user's authentication token.
This vulnerability has been fixed in version 3.7.1 of Joplin.
How can this vulnerability impact me?
The primary impact of this vulnerability is a Denial of Service (DoS) condition.
By exploiting the flaw, an attacker can cause the Joplin application to crash due to an Out Of Memory (OOM) error, which disrupts normal use of the application.
If an attacker gains access to the local web service API through a compromised authentication token, they can remotely trigger this crash, potentially causing loss of availability of the note-taking service.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Exploitation attempts can be detected by monitoring for excessively long strings entered into the note title field in Joplin, either through the user interface or via the local web service API.
To detect exploitation attempts via the local web service API, you can monitor HTTP POST requests to the local web service, typically running on port 41184, and look for requests where the title parameter contains an excessively long string.
Example commands to help detect such activity include:
- Using netstat or ss to check if the local web service is running on port 41184: `netstat -an | grep 41184` or `ss -an | grep 41184`
- Using a network packet capture tool like tcpdump to monitor HTTP POST requests to port 41184: `tcpdump -i lo port 41184 and tcp`
- Inspecting logs or capturing HTTP traffic to identify POST requests with unusually long title parameters.
Additionally, Out Of Memory (OOM) errors or crashes that occur when creating or editing notes can indicate exploitation attempts, so monitor the application for them.
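As an added example, not part of the advisory or of Joplin's own code, the following Python checker applies the detection idea above to captured request records: it reports POST/PUT requests whose JSON "title" field exceeds a length threshold. The record format, the `/notes` path and the 10,000-character threshold are assumptions; tune the threshold to what your users legitimately produce.

```python
"""Flag Joplin local web service requests that carry an oversized note title.

Added example (not from the advisory). Input records are assumed to come from a
local HTTP proxy or a reconstructed tcpdump capture of port 41184, one dict per
request with "method", "path" and the raw "body" string.
"""
import json

TITLE_LIMIT = 10_000  # assumed threshold, not a value from the advisory


def title_length(body: str) -> int:
    """Return the length of the JSON "title" field, or 0 if it is absent,
    not a string, or the body is not a JSON object."""
    try:
        data = json.loads(body)
    except json.JSONDecodeError:
        return 0
    title = data.get("title") if isinstance(data, dict) else None
    return len(title) if isinstance(title, str) else 0


def flag_requests(records, limit=TITLE_LIMIT):
    """Yield (method, path, title_len) for write requests whose title
    exceeds the limit. Read-only methods are skipped: they cannot set a title."""
    for rec in records:
        if rec.get("method") not in ("POST", "PUT"):
            continue
        n = title_length(rec.get("body", ""))
        if n > limit:
            yield rec["method"], rec.get("path", "?"), n


# Constructed sample records; the 50,000-character title simulates the
# excessively long input the advisory describes.
SAMPLE_RECORDS = [
    {"method": "POST", "path": "/notes", "body": json.dumps({"title": "Groceries", "body": "milk"})},
    {"method": "GET", "path": "/notes", "body": ""},
    {"method": "POST", "path": "/notes", "body": json.dumps({"title": "A" * 50_000, "body": ""})},
    {"method": "PUT", "path": "/notes/placeholder-id", "body": "not json"},
]

if __name__ == "__main__":
    for method, path, n in flag_requests(SAMPLE_RECORDS):
        print(f"ALERT {method} {path}: title length {n} exceeds {TITLE_LIMIT}")
```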
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade Joplin to version 3.7.1 or later, where this vulnerability has been patched.
Until the upgrade can be applied, avoid entering or allowing input of excessively long strings in the note title field.
Restrict access to the local web service API by securing or disabling it if not needed, and protect authentication tokens to prevent unauthorized API access.
Monitor the system for signs of Out Of Memory errors or unexpected application termination, which may indicate exploitation attempts.