Unrated severityOSV Advisory· Published Jan 7, 2026· Updated Jan 8, 2026
Titra APIs have Improper Access Control
CVE-2026-21694
Description
Titra is open source project time tracking software. Versions 0.99.49 and below have Improper Access Control, allowing users to view and edit other users' time entries in private projects they have not been granted access to. This issue is fixed in version 0.99.50.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 0.1.0, 0.10.0, 0.11.0, …
Patches
Vulnerability mechanics
References
2- github.com/kromitgmbh/titra/commit/29e6b88eca005107729e45a6f1731cf0fa5f8938mitrex_refsource_MISC
- github.com/kromitgmbh/titra/security/advisories/GHSA-mr2r-wjf8-cj3cmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.