8 matches found
CVE-2026-30847
Wekan is an open source kanban tool built with Meteor. In versions 8.31.0 through 8.33, the notificationUsers publication in Wekan publishes user documents with no field filtering, causing the ReactiveCache.getUsers call to return all fields including highly sensitive data such as bcrypt password...
CVE-2026-25530
Kanboard is project management software focused on Kanban methodology. Prior to 1.2.50, the getSwimlane API method lacks project-level authorization, allowing authenticated users to access swimlane data from projects they cannot access. This vulnerability is fixed in 1.2.50...
Deck 安全漏洞
Deck is a Kanban style organization tool open-sourced by Nextcloud. Designed for personal planning and project organization for teams integrating with Nextcloud. A security vulnerability exists in Deck versions prior to 1.12.7, prior to 1.14.4, and prior to 1.15.1, which stems from a file extensi...
EUVD-2023-26625
Malicious code in bioql PyPI...
EUVD-2022-33567
Malicious code in bioql PyPI...
EUVD-2024-36867
Malicious code in bioql PyPI...
EUVD-2023-26624
Malicious code in bioql PyPI...
EUVD-2023-26623
Malicious code in bioql PyPI...