Authorization Flaw in Vikunja Affects Data Security and Access Control
CVE-2026-56765
9.3CRITICAL
What is CVE-2026-56765?
The Vikunja application prior to version 2.2.1 suffers from an authorization vulnerability that exposes sensitive share hashes through the LinkSharing.ReadAll endpoint. This flaw enables users with read access to escalate permissions, potentially gaining access to admin-level shares. Additionally, the GetTaskAttachment endpoint improperly checks user permissions against provided task IDs and retrieves attachments based on sequential IDs, without confirming ownership. This oversight allows malicious users to download and delete all file attachments across various projects, resulting in a significant breach of data integrity across user instances.
Affected Version(s)
Vikunja 0 < 2.2.1
Vikunja 2.2.1
