CVE-2026-30954

Name of the Vulnerable Software and Affected Versions LinkAce versions prior to 2.1.1

Description LinkAce is a self-hosted archive for collecting website links. Versions 2.1.0 and earlier contain an issue where the processTaxonomy() method within the LinkRepository.php file allows authenticated users to associate tags and lists belonging to other users with their own links. This is achieved by submitting integer IDs.

Recommendations Update to version 2.1.1 or later.