CVE-2023-27035

MEDIUM

Obsidian Canvas 1.1.9 - Unauthenticated Sensitive Web API Access via Embedded Website

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-27035. PoCs published by fivex3.

AI-analyzed exploit summary This repository provides a functional proof-of-concept for CVE-2023-27035, demonstrating how embedded web pages in Obsidian Canvas can exploit missing permission request handlers to access sensitive Web APIs like microphone recording and desktop notifications without user consent.

Description

An issue discovered in Obsidian Canvas 1.1.9 allows remote attackers to send desktop notifications, record user audio and other unspecified impacts via embedded website on the canvas page.

Exploits (1)

nomisec WORKING POC 1 stars
by fivex3 · poc
https://github.com/fivex3/CVE-2023-27035

This repository provides a functional proof-of-concept for CVE-2023-27035, demonstrating how embedded web pages in Obsidian Canvas can exploit missing permission request handlers to access sensitive Web APIs like microphone recording and desktop notifications without user consent.

Classification
Working Poc 95%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Obsidian (Canvas feature) versions 1.1.9 to 1.1.14
No auth needed
Prerequisites: Hosted HTML file with malicious JavaScript · User interaction to open a crafted Obsidian Canvas file
mistral-large-3 · analyzed Feb 18, 2026 Full analysis →

Scores

CVSS v3 6.5
EPSS 0.0184
EPSS Percentile 76.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE
CWE-276
Status published
Products (1)
obsidian/obsidian 1.1.9
Published May 01, 2023
Tracked Since Feb 18, 2026