Notion leaks email addresses of all editors of any public page according to OSINT researcher weezerOSINT. The flaw enables bulk collection via public page metadata and edit history without additional authentication. Primary coverage identified the leak but did not address its interaction with Notion AI features rolled out in 2023 that scan workspace content requiring expanded data access (Notion Blog, 2023).

Notion's 2023 AI launch expanded backend permissions for generative tools across shared pages (https://www.notion.so/blog/introducing-notion-ai). A parallel 2024 incident involved Miro collaborative boards exposing participant metadata per Bleeping Computer reporting. Stanford researchers' 2024 analysis of collaboration platforms documented recurring permission model failures after AI integrations.

Original reporting missed enterprise exposure risks where public pages link to SSO-protected workspaces and the pattern of increased vulnerability reports following AI feature additions across Notion, Confluence and Figma documented in Atlassian and KrebsOnSecurity archives.