Browse all 35 CVE security advisories affecting go-vikunja. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-27819 | Vikunja has Path Traversal in CLI Restore — vikunjaCWE-22 | 7.2 | High | 2026-02-25 |
| CVE-2026-27616 | Vikunja Vulnerable to Stored Cross-Site Scripting (XSS) via Unsanitized SVG Attachment Upload Leading to Token Exposure — vikunjaCWE-79 | 7.3 | High | 2026-02-25 |
| CVE-2026-27575 | Vijkunja has Weak Password Policy Combined with Persistent Sessions After Password Change — vikunjaCWE-521 | 9.1 | Critical | 2026-02-25 |
| CVE-2026-27116 | Vikunja has Reflected HTML Injection via filter Parameter in Projects Module — vikunjaCWE-79 | 6.1 | Medium | 2026-02-25 |
| CVE-2026-25935 | Vikunja Affected by XSS Via Task Preview — vikunjaCWE-80 | 5.4AI | MediumAI | 2026-02-11 |
This page lists every published CVE security advisory associated with go-vikunja. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.