CVE-2026-33679
Published: 24 March 2026
Summary
CVE-2026-33679 is a medium-severity SSRF (CWE-918) vulnerability in Vikunja Vikunja. Its CVSS base score is 6.4 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Cloud Instance Metadata API (T1522); ranked at the 3.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-4 (Information Flow Enforcement) and SI-10 (Information Input Validation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Validates OIDC picture claim URLs in the DownloadImage function to block SSRF by rejecting internal or unauthorized endpoints.
Enforces information flow policies to restrict server outbound requests from user-controlled avatar URLs to arbitrary internal destinations.
Implements boundary protection to monitor and filter unauthorized outbound HTTP requests to cloud metadata or internal services.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
SSRF in avatar image fetcher directly enables attacker-controlled requests to cloud metadata endpoints (and internal HTTP services), mapping to Cloud Instance Metadata API access for discovery and credential theft.
NVD Description
Vikunja is an open-source self-hosted task management platform. Prior to version 2.2.1, the `DownloadImage` function in `pkg/utils/avatar.go` uses a bare `http.Client{}` with no SSRF protection when downloading user avatar images from the OpenID Connect `picture` claim URL. An attacker who…
more
controls their OIDC profile picture URL can force the Vikunja server to make HTTP GET requests to arbitrary internal or cloud metadata endpoints. This bypasses the SSRF protections that are correctly applied to the webhook system. Version 2.2.1 patches the issue.
Deeper analysisAI
CVE-2026-33679 is a Server-Side Request Forgery (SSRF) vulnerability (CWE-918) in Vikunja, an open-source self-hosted task management platform. The issue affects versions prior to 2.2.1 and resides in the `DownloadImage` function within `pkg/utils/avatar.go`. This function employs a bare `http.Client{}` lacking SSRF protections when fetching user avatar images from OpenID Connect `picture` claim URLs, enabling unintended outbound requests.
An authenticated attacker with low privileges (PR:L) can exploit this by controlling their OIDC profile picture URL, tricking the Vikunja server into issuing HTTP GET requests to arbitrary internal or cloud metadata endpoints. This circumvents SSRF mitigations properly implemented in the webhook system. Per the CVSS v3.1 score of 6.4 (AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:L), exploitation occurs over the network with low complexity, no user interaction, and changed scope, yielding low confidentiality impact alongside negligible integrity and availability effects.
Vikunja version 2.2.1 resolves the vulnerability by adding appropriate SSRF protections to the avatar download process, as detailed in the patch commit (363aa6642352b08fc8bc6aaff2f3a550393af1cf). The GitHub security advisory (GHSA-g9xj-752q-xh63) and changelog for v2.2.2 confirm the fix and recommend upgrading immediately.
Details
- CWE(s)