code.vikunja.io/api vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-33312Mediumcode.vikunja.io/api: Vikunja read-only users can delete project background images via broken object-level authorizationCVE-2026-29794Mediumcode.vikunja.io/api: Vikunja has a Rate-Limit Bypass for Unauthenticated Users via Spoofed HeadersCVE-2026-28268Criticalcode.vikunja.io/api: Vikunja Vulnerable to Account Takeover via Password Reset Token ReuseCVE-2026-27819Highcode.vikunja.io/api: Vikunja has Path Traversal in CLI RestoreCVE-2026-27616Highcode.vikunja.io/api: Vikunja: Stored XSS via Unsanitized SVG Attachment Upload Leads to Token ExposureCVE-2026-27575Criticalcode.vikunja.io/api: Vijkunja has Weak Password Policy Combined with Persistent Sessions After Password ChangeCVE-2026-27116Mediumcode.vikunja.io/api: Vikunja has Reflected HTML Injection via filter Parameter in its Projects ModuleCVE-2026-25935Highcode.vikunja.io/api: Vikunja Vulnerable to XSS Via Task Preview

Stop the waste.
Protect your environment with Kodem.