Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:9 p.m.5 views

CVE-2026-33335

Vikunja is an open-source self-hosted task management platform. Starting in version 0.21.0 and prior to version 2.2.0, the Vikunja Desktop Electron wrapper passes URLs from window.open calls directly to shell.openExternal without any validation or protocol allowlisting. An attacker who can place ...

6.4CVSS5.9AI score0.00248EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/24 3:7 p.m.3 views

CVE-2026-33335

Vikunja is an open-source self-hosted task management platform. Starting in version 0.21.0 and prior to version 2.2.0, the Vikunja Desktop Electron wrapper passes URLs from window.open calls directly to shell.openExternal without any validation or protocol allowlisting. An attacker who can place ...

6.4CVSS5.9AI score0.00248EPSS
Exploits1References3Affected Software1
EUVD
EUVD
added 2026/03/24 3:7 p.m.4 views

EUVD-2026-14909

Vikunja is an open-source self-hosted task management platform. Starting in version 0.21.0 and prior to version 2.2.0, the Vikunja Desktop Electron wrapper passes URLs from window.open calls directly to shell.openExternal without any validation or protocol allowlisting. An attacker who can place ...

6.4CVSS5.9AI score0.00248EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/24 12:0 a.m.6 views

PT-2026-27443

Vikunja is an open-source self-hosted task management platform. Starting in version 0.21.0 and prior to version 2.2.0, the Vikunja Desktop Electron wrapper passes URLs from window.open calls directly to shell.openExternal without any validation or protocol allowlisting. An attacker who can place ...

6.4CVSS5.9AI score0.00248EPSS
Exploits1References3
Rows per page
Query Builder