CVE-2026-30954 PUBLISHED

LinkAce has a Cross-User Tag/List Attachment IDOR in processTaxonomy()

Assigner: GitHub_M
Reserved: 07.03.2026 Published: 10.03.2026 Updated: 11.03.2026

LinkAce is a self-hosted archive to collect website links. In 2.1.0 and earlier, the processTaxonomy() method in LinkRepository.php allows authenticated users to attach other users' private tags and lists to their own links by passing integer IDs.

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
CVSS Score: 5.3

Product Status

Vendor Kovah
Product LinkAce
Versions
  • Version <= 2.1.0 is affected

References

Problem Types

  • CWE-639: Authorization Bypass Through User-Controlled Key CWE