Lucene search
+L

5 matches found

EUVD
EUVD
added 2026/02/08 1:9 a.m.7 views

EUVD-2026-5821

A security vulnerability has been detected in WeKan up to 8.20. Impacted is an unknown function of the file server/publications/rules.js of the component Rules Handler. The manipulation leads to missing authorization. The attack can be initiated remotely. Upgrading to version 8.21 is recommended ...

6.5CVSS4.6AI score0.00244EPSS
Exploits0References6
EUVD
EUVD
added 2026/02/08 1:9 a.m.5 views

EUVD-2026-5822

A weakness has been identified in WeKan up to 8.20. This issue affects some unknown processing of the file server/publications/activities.js of the component Activity Publication Handler. Executing a manipulation can lead to information disclosure. It is possible to launch the attack remotely...

6.9CVSS5.3AI score0.00342EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/02/08 12:0 a.m.13 views

PT-2026-6945

Name of the Vulnerable Software and Affected Versions WeKan versions prior to 8.21 Description A security flaw exists in WeKan up to version 8.20. The issue affects unknown code within the server/methods/fixDuplicateLists.js file of the Administrative Repair Handler component, leading to improper...

6.5CVSS5.5AI score0.00239EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/02/05 8:32 p.m.4 views

CVE-2026-1962

A vulnerability has been found in WeKan up to 8.20. The impacted element is an unknown function of the file server/attachmentMigration.js of the component Attachment Migration. The manipulation leads to improper access controls. The attack may be initiated remotely. Upgrading to version 8.21 is...

6.5CVSS4.8AI score0.00323EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/02/05 12:32 a.m.4 views

CVE-2026-1898 WeKan LDAP User Sync syncUser.js SyncLDAPBleed access control

A vulnerability was determined in WeKan up to 8.20. This affects an unknown part of the file packages/wekan-ldap/server/syncUser.js of the component LDAP User Sync. This manipulation causes improper access controls. It is possible to initiate the attack remotely. Upgrading to version 8.21 is able...

6.5CVSS6.1AI score0.00266EPSS
Exploits0References6
Rows per page
Query Builder