CVE-2026-33676 | go-vikunja up to 2.2.0 API related_tasks authorization (GHSA-8cmm-j6c4-rr8v)

A vulnerability was found in go-vikunja vikunja up to 2.2.0. It has been declared as problematic. This vulnerability affects unknown code of the component API. The manipulation of the argument related_tasks results in incorrect authorization.

This vulnerability is identified as CVE-2026-33676. The attack can be executed remotely. There is not any exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More