Lucene search
K

5 matches found

NVD
NVD
added 2026/03/18 2:16 a.m.8 views

CVE-2026-29056

Kanboard is project management software focused on Kanban methodology. Prior to 1.2.51, Kanboard's user invite registration endpoint UserInviteController::register accepts all POST parameters and passes them to UserModel::create without filtering out the role field. An attacker who receives an...

8.8CVSS0.00371EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/18 1:56 a.m.4 views

CVE-2026-29056 Kanboard's privilege escalation via mass assignment in user invite registration allows any invited user to become admin

Kanboard is project management software focused on Kanban methodology. Prior to 1.2.51, Kanboard's user invite registration endpoint UserInviteController::register accepts all POST parameters and passes them to UserModel::create without filtering out the role field. An attacker who receives an...

8.3CVSS5.8AI score0.00371EPSS
Exploits1References1
OSV
OSV
added 2026/03/18 1:56 a.m.7 views

CVE-2026-29056 Kanboard's privilege escalation via mass assignment in user invite registration allows any invited user to become admin

Kanboard is project management software focused on Kanban methodology. Prior to 1.2.51, Kanboard's user invite registration endpoint UserInviteController::register accepts all POST parameters and passes them to UserModel::create without filtering out the role field. An attacker who receives an...

8.3CVSS5.9AI score0.00371EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/03/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-29056

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Kanboard is project management software focused on Kanban methodology. Prior to 1.2.51, Kanboard's user invite registration endpoint...

8.8CVSS5.9AI score0.00371EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2026/03/18 12:0 a.m.3 views

CVE-2026-29056

Kanboard is project management software focused on Kanban methodology. Prior to 1.2.51, Kanboard's user invite registration endpoint UserInviteController::register accepts all POST parameters and passes them to UserModel::create without filtering out the role field. An attacker who receives an...

8.8CVSS5.9AI score0.00371EPSS
Exploits1References2
Rows per page
Query Builder