5 matches found
EUVD-2026-5821
A security vulnerability has been detected in WeKan up to 8.20. Impacted is an unknown function of the file server/publications/rules.js of the component Rules Handler. The manipulation leads to missing authorization. The attack can be initiated remotely. Upgrading to version 8.21 is recommended ...
EUVD-2026-5822
A weakness has been identified in WeKan up to 8.20. This issue affects some unknown processing of the file server/publications/activities.js of the component Activity Publication Handler. Executing a manipulation can lead to information disclosure. It is possible to launch the attack remotely...
PT-2026-6945
Name of the Vulnerable Software and Affected Versions WeKan versions prior to 8.21 Description A security flaw exists in WeKan up to version 8.20. The issue affects unknown code within the server/methods/fixDuplicateLists.js file of the Administrative Repair Handler component, leading to improper...
CVE-2026-1962
A vulnerability has been found in WeKan up to 8.20. The impacted element is an unknown function of the file server/attachmentMigration.js of the component Attachment Migration. The manipulation leads to improper access controls. The attack may be initiated remotely. Upgrading to version 8.21 is...
CVE-2026-1898 WeKan LDAP User Sync syncUser.js SyncLDAPBleed access control
A vulnerability was determined in WeKan up to 8.20. This affects an unknown part of the file packages/wekan-ldap/server/syncUser.js of the component LDAP User Sync. This manipulation causes improper access controls. It is possible to initiate the attack remotely. Upgrading to version 8.21 is able...