github.com/usememos/memos
govv0.28.0Open-source, self-hosted note-taking tool built for quick capture. Markdown-native, lightweight, and fully yours.
License MITpermissive92 versions362 maintainers0 deps59,272 weekly dl
usememos/memos83
/ 100
Health
update required
github.com/usememos/[email protected] has vulnerabilities — update to latest
Update to >= 0.10.4-0.20230211093429-b11d2130a084 to fix known vulnerabilities
- 1 high severity vulnerabilities
Health breakdown0 – 100
25/25
maintenance
10/20
popularity
18/25
security
15/15
maturity
15/15
community
Vulnerabilities
7
1 high1 medium5 low
Advisories (7)
| Severity | ID | Summary | Fixed in |
|---|---|---|---|
| high | CVE-2023-4698 | usememos/memos vulnerable to improper input validation | — |
| medium | CVE-2022-25978 | Cross Site Scripting in usememos/memos | 0.10.4-0.20230211093429-b11d2130a084 |
| unknown | CVE-2022-25978 | Cross site scripting in github.com/usememos/memos | 0.10.4-0.20230211093429-b11d2130a084 |
| unknown | CVE-2025-22952 | Memos Server-Side Request Forgery (SSRF) in github.com/usememos/memos | — |
| unknown | CVE-2025-56760 | Memos Vulnerable to Path Traversal via the CreateResource Endpoint in github.com/usememos/memos | — |
| unknown | CVE-2025-56761 | Memos Vulnerable to Stored Cross-Site Scripting in github.com/usememos/memos | — |
| unknown | CVE-2024-21635 | Memos' Access Tokens Stay Valid after User Password Change in github.com/usememos/memos | — |
Maintainer trust
Active maintainers (3m)
7
Contributors (12m)
7
Primary author dominance
63%
GitHub stars
59,178
Health History
Dependency Tree
License Audit
API access
Get this data programmatically — free, no authentication.
curl https://depscope.dev/api/check/go/github.com/usememos/memosLast updated · 2026-04-27T00:56:00Z