CVE-2024-23743

LOW

notion/notion < 3.1.0 - Unauthenticated Remote Code Execution via RunAsNode and enableNodeClilnspectArguments

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2024-23743. PoCs published by giovannipajeu1.

AI-analyzed exploit summary The repository provides a technical writeup for CVE-2024-23743, detailing an arbitrary code execution vulnerability in Notion for macOS v3.1.0 via the RunAsNode and enableNodeClilnspectArguments components. It references the use of the electroniz3r tool for vulnerability validation and includes screenshots of the exploitation process.

Description

Notion through 3.1.0 on macOS might allow code execution because of RunAsNode and enableNodeClilnspectArguments. NOTE: the vendor states "the attacker must launch the Notion Desktop application with nonstandard flags that turn the Electron-based application into a Node.js execution environment."

Exploits (2)

nomisec WRITEUP 1 stars

by giovannipajeu1 · poc

https://github.com/giovannipajeu1/CVE-2024-23743

View Code ZIP pw:eip

The repository provides a technical writeup for CVE-2024-23743, detailing an arbitrary code execution vulnerability in Notion for macOS v3.1.0 via the RunAsNode and enableNodeClilnspectArguments components. It references the use of the electroniz3r tool for vulnerability validation and includes screenshots of the exploitation process.

Classification

Writeup 80%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Notion for macOS v3.1.0

No auth needed

Prerequisites: Access to the target system running Notion for macOS v3.1.0 · Ability to deliver a crafted payload

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 19, 2026 Full analysis →

inthewild WRITEUP

poc

https://github.com/v3x0r/cve-2024-23743

View Code ZIP pw:eip

The repository provides a technical writeup for CVE-2024-23743, detailing an arbitrary code execution vulnerability in Notion for macOS v3.1.0 via the RunAsNode and enableNodeClilnspectArguments components. It includes screenshots of the exploitation process using the electroniz3r tool but lacks actual exploit code.

Classification

Writeup 80%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: Notion for macOS v3.1.0

No auth needed

Prerequisites: electroniz3r tool · access to vulnerable Notion instance

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 23, 2026 Full analysis →

References (3)

Core 3

Core References

Various Sources

https://github.com/r3ggi/electroniz3r

View Writeup ZIP pw:eip

Various Sources

https://www.electronjs.org/blog/statement-run-as-node-cves

Exploit

https://github.com/V3x0r/CVE-2024-23743

Scores

CVSS v3 3.3

EPSS 0.0016

EPSS Percentile 36.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-250

Status published

Products (1)

notion/notion < 3.1.0

Published Jan 28, 2024

Tracked Since Feb 18, 2026