GHSA-m43g-m425-p68x: junit-platform-reporting can leak Git credentials through its OpenTestReportGeneratingListener 

GHSA-hc55-p739-j48w: @modelcontextprotocol/server-filesystem vulnerability allows for path validation bypass via colliding path prefix

Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.

**usememos/memos vulnerable to stored Cross-site Scripting**

Moderate severity GitHub Reviewed Published Jan 7, 2023 • Updated Jan 9, 2023