GHSA-3m86-c9x3-vwm9: Graylog vulnerable to privilege escalation through API tokens

GHSA-3q26-f695-pp76: @cyanheads/git-mcp-server vulnerable to command injection in several tools

An Improper Access Control vulnerability in usememos/memos 0.9.0 and prior can result in a user deleting others' public and private memos.

**usememos/memos Improper Access Control vulnerability**

High severity GitHub Reviewed Published Dec 28, 2022 • Updated Dec 30, 2022