A vulnerability was found in Papermark up to 0.22.0 . It has been classified as problematic . This affects an unknown part of the component TUS-based Viewer Upload Endpoint . Performing a manipulation results in permissive cross-domain policy with untrusted domains. This vulnerability was named CVE-2026-57957 . The attack may be initiated remotely. There is no available exploit. It is suggested to install a patch to address this issue.