Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Fri, 10 Jul 2026 14:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Vikunja before 2.2.1 contains an authorization flaw where the LinkSharing.ReadAll endpoint exposes share hashes to users with read access, enabling permission escalation to admin-level shares. The GetTaskAttachment endpoint performs permission checks against user-supplied task IDs but fetches attachments by sequential ID without verifying ownership, allowing attackers to download and delete all file attachments across all projects instance-wide. | |
| Title | Vikunja - Unauthenticated Instance-Wide Data Breach via Link Share Hash Disclosure Chained with Cross-Project Attachment IDOR | |
| First Time appeared |
Vikunja
Vikunja vikunja |
|
| Weaknesses | CWE-639 | |
| CPEs | cpe:2.3:a:vikunja:vikunja:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Vikunja
Vikunja vikunja |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: VulnCheck
Published:
Updated: 2026-07-10T13:57:59.648Z
Reserved: 2026-06-22T21:55:17.942Z
Link: CVE-2026-56765
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-10T15:30:16Z