IP Spoofing Vulnerability in HedgeDoc Application by HedgeDoc Team
CVE-2026-58488

6.9MEDIUM

Key Information:

Vendor

Hedgedoc

Status
Vendor
CVE Published:
13 July 2026

What is CVE-2026-58488?

A vulnerability exists in HedgeDoc, an open-source collaborative markdown notes application, due to inadequate rate-limiting mechanisms in the /login and /register routes. Attackers can exploit this flaw by spoofing IP addresses through the use of CloudFlare's cf-connecting-ip header. This allows unauthorized access to bypass rate limiting, enabling attackers to overwhelm the login mechanism with spam requests or to create an excessive number of accounts in a short span of time. This vulnerability has been addressed in HedgeDoc version 1.11.0, reinforcing the security of its user authentication processes.

Affected Version(s)

hedgedoc < 1.11.0

References

CVSS V4

Score:
6.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.