Mastodawn

🔒 Vikunja 2.2.2 is out: nine security fixes including a critical chain that could expose instance-wide data. Also adds centralized SSRF protection and a few nice bug fixes. Please update soon!

(2.2.1 has been released as well but did not fix the issues fully, therefore I went and pushed 2.2.2 right after)

https://vikunja.io/changelog/vikunja-v2.2.2-was-released

Vikunja 2.2.1 and 2.2.2: Nine security fixes, and quality of life improvements

Vikunja 2.2.1 and 2.2.2 fix nine security vulnerabilities including a critical chain allowing unauthenticated instance-wide data access, adds centralized SSRF protection, and includes several bug fixes and improvements.

Vikunja (/vɪˈkuːnjə/)1d ago

PSA: Because of the great recent success, there will be ANOTHER release later today or tomorrow fixing 9 more security vulnerabilities.

Vikunja (/vɪˈkuːnjə/)4d ago

🔒 Vikunja 2.2.0 is out! 10 security fixes (update now!), plus task duplication, an improved Gantt chart with subtask hierarchy & dependency arrows, and user-level webhooks. 237 commits of goodness 🚀

https://vikunja.io/changelog/vikunja-v2.2.0-was-released

Vikunja 2.2.0: Ten security fixes, Gantt overhaul, and task duplication

Vikunja 2.2.0 fixes ten security vulnerabilities including three critical Desktop Electron issues, adds task duplication, a Gantt chart overhaul with subtask hierarchy and relation arrows, user-level webhooks, and many quality of life improvements.

Vikunja (/vɪˈkuːnjə/)4d ago

🔒 Vikunja 2.2.0 is out! 10 security fixes (update now!), plus task duplication, an improved Gantt chart with subtask hierarchy & dependency arrows, and user-level webhooks. 237 commits of goodness 🚀

https://vikunja.io/changelog/vikunja-v2.2.0-was-released

Vikunja 2.2.0: Ten security fixes, Gantt overhaul, and task duplication

Vikunja 2.2.0 fixes ten security vulnerabilities including three critical Desktop Electron issues, adds task duplication, a Gantt chart overhaul with subtask hierarchy and relation arrows, user-level webhooks, and many quality of life improvements.

Vikunja (/vɪˈkuːnjə/)5d ago

PSA: The next Vikunja release will fix 10 (!) CVEs. If all goes well, later today or tomorrow.

Vikunja (/vɪˈkuːnjə/)Mar 10

📣 Vikunja now (finally) has help docs for end users! Check it out at the website and tell me what you think: https://vikunja.io/help

Help

Learn how to use Vikunja day to day. Start with the basics, then jump to the feature you need.

Vikunja (/vɪˈkuːnjə/)Feb 27

🎉 Just two days after the last release, Vikunja 2.1.0 is now released!

🔒 Fixes a security issue with password reset tokens and adds a nice touch: checklist indicators now turn green when all items are done!

Check out the full release post on the website: https://vikunja.io/changelog/vikunja-v2.1.0-was-released/

Vikunja 2.1.0: One security fix and some improvements

Vikunja 2.1.0 fixes a security issue where password reset tokens were not cleaned up after use (CVE-2026-28268) and includes quality of life improvements like a green checklist indicator when all items are done.

Vikunja (/vɪˈkuːnjə/)Feb 25

🚀 Vikunja 2.0.0 is out!

🔒 4 critical security fixes
🔑 rebuilt session management
📊 improved Gantt charts with partial dates
💬 comment sorting
and more!

Please update ASAP!

Check out the full release notes:

https://vikunja.io/changelog/vikunja-v2.0.0-was-released/

Vikunja 2.0.0: Many security fixes and a few breaking changes

Vikunja 2.0.0 includes four critical security fixes, rebuilt session management, Typesense removal, and new features like comment sorting, improved Gantt charts, and LDAP anonymous bind support.

Vikunja (/vɪˈkuːnjə/)Feb 24

PSA: Vikunja 1.2.0 will be released tomorrow or the day after. It will fix four (!) critical security vulnerabilities.

Show thread

Vikunja (/vɪˈkuːnjə/)Feb 12

The post is now updated with details about the vulnerability!