Lucene search
+L

26 matches found

osv
osv
added 6 days ago2 views

CVE-2026-56765 Vikunja - Unauthenticated Instance-Wide Data Breach via Link Share Hash Disclosure Chained with Cross-Project Attachment IDOR

Vikunja before 2.2.1 contains an authorization flaw where the LinkSharing.ReadAll endpoint exposes share hashes to users with read access, enabling permission escalation to admin-level shares. The GetTaskAttachment endpoint performs permission checks against user-supplied task IDs but fetches...

9.3CVSS6.1AI score0.00351EPSS
Exploits0References4
cve
cve
added 2026/06/01 4:53 p.m.42 views

CVE-2026-45282

This CVE affects Nextcloud Server versions 32.0.0–32.0.8 and 33.0.0–33.0.2, where an authenticated attacker can access attachments of link shares using a valid share token and a known documentId, bypassing password protection or download restrictions. The vulnerability enables access to attachmen...

6.5CVSS5.7AI score0.00294EPSS
Exploits0References3Affected Software1
nvd
nvd
added 2026/04/10 4:16 p.m.3 views

CVE-2026-35594

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, Vikunja's link share authentication GetLinkShareFromClaims in pkg/models/linksharing.go constructs authorization objects entirely from JWT claims without any server-side database validation. When a project owner delet...

6.5CVSS0.00268EPSS
Exploits1References4
vulnrichment
vulnrichment
added 2026/04/10 3:55 p.m.4 views

CVE-2026-35594 Vikunja Link Share JWT tokens remain valid for 72 hours after share deletion or permission downgrade

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, Vikunja's link share authentication GetLinkShareFromClaims in pkg/models/linksharing.go constructs authorization objects entirely from JWT claims without any server-side database validation. When a project owner delet...

6.5CVSS5.7AI score0.00268EPSS
Exploits1References4
cvelist
cvelist
added 2026/04/10 3:55 p.m.30 views

CVE-2026-35594 Vikunja Link Share JWT tokens remain valid for 72 hours after share deletion or permission downgrade

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, Vikunja's link share authentication GetLinkShareFromClaims in pkg/models/linksharing.go constructs authorization objects entirely from JWT claims without any server-side database validation. When a project owner delet...

6.5CVSS0.00268EPSS
Exploits1References4
cve
cve
added 2026/04/10 3:55 p.m.14 views

CVE-2026-35594

CVE-2026-35594 affects Vikunja prior to version 2.3.0, where link-share JWTs were validated entirely from JWT claims without server-side checks. The GetLinkShareFromClaims path builds a LinkSharing object without database validation, allowing previously issued link-share JWTs to retain their orig...

6.5CVSS5.7AI score0.00268EPSS
Exploits1References4Affected Software1
osv
osv
added 2026/04/10 3:55 p.m.3 views

CVE-2026-35594 Vikunja Link Share JWT tokens remain valid for 72 hours after share deletion or permission downgrade

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, Vikunja's link share authentication GetLinkShareFromClaims in pkg/models/linksharing.go constructs authorization objects entirely from JWT claims without any server-side database validation. When a project owner delet...

6.5CVSS5.9AI score0.00268EPSS
Exploits1References6
snyk
snyk
added 2026/04/10 3:31 p.m.8 views

Insufficient Session Expiration

Overview Affected versions of this package are vulnerable to Insufficient Session Expiration due to the lack of server-side validation in the GetLinkShareFromClaims process. An attacker can retain unauthorized access to resources by using previously issued JWT tokens even after a link share is...

6.9CVSS5.8AI score0.00268EPSS
Exploits1References2
osv
osv
added 2026/04/10 3:31 p.m.4 views

GHSA-96Q5-XM3P-7M84 Vikunja: Link Share JWT tokens remain valid for 72 hours after share deletion or permission downgrade

Title Link Share JWT tokens remain valid for 72 hours after share deletion or permission downgrade Description Vikunja's link share authentication constructs authorization objects entirely from JWT claims without any server-side database validation. When a project owner deletes a link share or...

6.5CVSS5.8AI score0.00268EPSS
Exploits1References6
ptsecurity
ptsecurity
added 2026/04/10 12:0 a.m.11 views

PT-2026-31945

Name of the Vulnerable Software and Affected Versions Vikunja versions prior to 2.3.0 Description Vikunja's link share authentication constructs authorization objects entirely from JWT claims without server-side database validation. When a project owner deletes a link share or downgrades its...

6.5CVSS5.7AI score0.00268EPSS
Exploits1References10
susecve
susecve
added 2026/03/28 12:24 a.m.7 views

SUSE CVE-2026-33700

Vikunja is an open-source self-hosted task management platform. Prior to version 2.2.1, the DELETE /api/v1/projects/:project/shares/:share endpoint does not verify that the link share belongs to the project specified in the URL. An attacker with admin access to any project can delete link shares...

6.9CVSS5.9AI score0.00205EPSS
Exploits0References3
osv
osv
added 2026/03/26 8:33 p.m.6 views

GO-2026-4850 Vikunja has a Link Share Delete IDOR — Missing Project Ownership Check Allows Cross-Project Link Share Deletion in code.vikunja.io/api

Vikunja has a Link Share Delete IDOR — Missing Project Ownership Check Allows Cross-Project Link Share Deletion in code.vikunja.io/api. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing...

6.9CVSS5.9AI score0.00205EPSS
Exploits0References3
osv
osv
added 2026/03/26 8:33 p.m.4 views

GO-2026-4848 Vikjuna: Link Share Hash Disclosure via ReadAll Endpoint Enables Permission Escalation in code.vikunja.io/api

Vikjuna: Link Share Hash Disclosure via ReadAll Endpoint Enables Permission Escalation in code.vikunja.io/api. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports fr...

7.5CVSS5.9AI score0.00398EPSS
Exploits1References4
osv
osv
added 2026/03/26 4:56 p.m.2 views

GHSA-2PV8-4C52-MF8J Vikunja: Unauthenticated Instance-Wide Data Breach via Link Share Hash Disclosure Chained with Cross-Project Attachment IDOR

Summary Two independently-exploitable authorization flaws in Vikunja can be chained to allow an unauthenticated attacker to download and delete every file attachment across all projects in a Vikunja instance. The ReadAll endpoint for link shares exposes share hashes including admin-level shares t...

9.1CVSS5.9AI score0.00351EPSS
Exploits0References5
github
github
added 2026/03/26 4:56 p.m.6 views

Vikunja: Unauthenticated Instance-Wide Data Breach via Link Share Hash Disclosure Chained with Cross-Project Attachment IDOR

Summary Two independently-exploitable authorization flaws in Vikunja can be chained to allow an unauthenticated attacker to download and delete every file attachment across all projects in a Vikunja instance. The ReadAll endpoint for link shares exposes share hashes including admin-level shares t...

5.9AI score
Exploits0References5Affected Software1
cve
cve
added 2026/03/24 3:51 p.m.15 views

CVE-2026-33700

Summary: Vikunja before 2.2.1 had an IDOR on link share deletion. The vulnerable endpoint is DELETE /api/v1/projects/:project/shares/:share, which did not verify that the link share belongs to the project in the URL. An admin of any project could delete link shares from other projects by supplyin...

6.9CVSS5.8AI score0.00205EPSS
Exploits0References2Affected Software1
osv
osv
added 2026/03/24 3:51 p.m.8 views

CVE-2026-33700 Vikunja has a Link Share Delete IDOR — Missing Project Ownership Check Allows Cross-Project Link Share Deletion

Vikunja is an open-source self-hosted task management platform. Prior to version 2.2.1, the DELETE /api/v1/projects/:project/shares/:share endpoint does not verify that the link share belongs to the project specified in the URL. An attacker with admin access to any project can delete link shares...

6.9CVSS6.3AI score0.00205EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2026/03/24 3:51 p.m.4 views

CVE-2026-33700 Vikunja has a Link Share Delete IDOR — Missing Project Ownership Check Allows Cross-Project Link Share Deletion

Vikunja is an open-source self-hosted task management platform. Prior to version 2.2.1, the DELETE /api/v1/projects/:project/shares/:share endpoint does not verify that the link share belongs to the project specified in the URL. An attacker with admin access to any project can delete link shares...

6.9CVSS5.8AI score0.00205EPSS
Exploits0References2
cvelist
cvelist
added 2026/03/24 3:51 p.m.23 views

CVE-2026-33700 Vikunja has a Link Share Delete IDOR — Missing Project Ownership Check Allows Cross-Project Link Share Deletion

Vikunja is an open-source self-hosted task management platform. Prior to version 2.2.1, the DELETE /api/v1/projects/:project/shares/:share endpoint does not verify that the link share belongs to the project specified in the URL. An attacker with admin access to any project can delete link shares...

6.9CVSS0.00205EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/01/30 9:59 p.m.3 views

CVE-2026-25154 LocalSend has Stored XSS in Web Share Interface via Filename

LocalSend is a free, open-source app that allows users to share files and messages with nearby devices over their local network without needing an internet connection. In versions up to and including 1.17.0, when a user initiates a "Share via Link" session, the LocalSend application starts a loca...

6.1CVSS5.3AI score0.00278EPSS
Exploits1References2
Rows per page
Query Builder