GO-2026-4951 Vikunja has iCalendar Property Injection via CRLF in CalDAV Task Output in code.vikunja.io/api

Vikunja has iCalendar Property Injection via CRLF in CalDAV Task Output in code.vikunja.io/api. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerabilit...

PT-2026-42364

Vikunja has iCalendar Property Injection via CRLF in CalDAV Task Output in code.vikunja.io/api. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerabilit...

EUVD-2026-21428

Vikunja has iCalendar Property Injection via CRLF in CalDAV Task Output...

PT-2026-30464

🚨 LIVE HIJACK ALERT — CVE-2026-77777. CVSS 8.9. attacker feeds poisoned task output to CrewAI agent memory. future tasks execute attacker instructions as if they were original goals. investigating. 🧵...

ansible-core: possible information leak in tasks that ignore ANSIBLE_NO_LOG configuration

An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLENOLOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as...

Information disclosure

An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLENOLOG configuration in some scenarios. It was discovered that information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive...