CVE-2026-25773
CVE-2026-25773 — Focalboard 8.0 Second-Order SQL Injection in category reorder : The vulnerability arises from insufficient sanitization of category IDs used in dynamic SQL during category reordering. An authenticated attacker can store a malicious SQL payload in the category ID field, which is l...