Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/02/09 1:33 a.m.6 views

CVE-2026-25566

WeKan versions prior to 8.19 contain an authorization vulnerability in card move logic. A user can specify a destination board/list/swimlane without adequate authorization checks for the destination and without validating that destination objects belong to the destination board, potentially...

7.1CVSS5.3AI score0.00222EPSS
Exploits0References1
NVD
NVD
added 2026/02/07 10:16 p.m.14 views

CVE-2026-25566

WeKan versions prior to 8.19 contain an authorization vulnerability in card move logic. A user can specify a destination board/list/swimlane without adequate authorization checks for the destination and without validating that destination objects belong to the destination board, potentially...

7.1CVSS0.00222EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/07 9:58 p.m.5 views

CVE-2026-25566 WeKan < 8.19 Cross-board Card Move Without Destination Authorization

WeKan versions prior to 8.19 contain an authorization vulnerability in card move logic. A user can specify a destination board/list/swimlane without adequate authorization checks for the destination and without validating that destination objects belong to the destination board, potentially...

7.1CVSS5.5AI score0.00222EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/07 9:58 p.m.31 views

CVE-2026-25566 WeKan < 8.19 Cross-board Card Move Without Destination Authorization

WeKan versions prior to 8.19 contain an authorization vulnerability in card move logic. A user can specify a destination board/list/swimlane without adequate authorization checks for the destination and without validating that destination objects belong to the destination board, potentially...

7.1CVSS0.00222EPSS
Exploits0References3
CVE
CVE
added 2026/02/07 9:58 p.m.19 views

CVE-2026-25566

The connected documents confirm a concrete vulnerability in WeKan versions prior to 8.19: an authorization flaw in the card move logic allows a user to specify a destination board, list, or swimlane without proper authorization checks and without validating that the destination items belong to th...

7.1CVSS5.4AI score0.00222EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder