CVE-2026-33680 | go-vikunja up to 2.2.1 LinkSharing.ReadAll improper authorization (GHSA-8hp8-9fhr-pfm9)

A vulnerability labeled as critical has been found in go-vikunja vikunja up to 2.2.1. The impacted element is the function LinkSharing.ReadAll. Executing a manipulation can lead to improper authorization.

This vulnerability is registered as CVE-2026-33680. It is possible to launch the attack remotely. No exploit is available.

The affected component should be upgraded.VulDB Recent EntriesRead More