Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/03/08 1:44 a.m.6 views

CVE-2026-30845

Wekan is an open source kanban tool built with Meteor. In versions 8.31.0 through 8.33, the board composite publication in Wekan publishes all integration data for a board without any field filtering, exposing sensitive fields including webhook URLs and authentication tokens to any subscriber...

8.2CVSS5.7AI score0.00291EPSS
Exploits0References1
NVD
NVD
added 2026/03/06 8:16 p.m.6 views

CVE-2026-30845

Wekan is an open source kanban tool built with Meteor. In versions 8.31.0 through 8.33, the board composite publication in Wekan publishes all integration data for a board without any field filtering, exposing sensitive fields including webhook URLs and authentication tokens to any subscriber...

8.2CVSS0.00291EPSS
Exploits0References3
CVE
CVE
added 2026/03/06 7:34 p.m.10 views

CVE-2026-30845

Wekan (Meteor-based Kanban) is affected in versions 8.31.0–8.33 where the board composite publication does not filter fields, exposing webhook URLs and authentication tokens to any subscriber, including read-only, comment-only, and unauthenticated DDP clients for public boards. This data exposure...

8.2CVSS5.7AI score0.00291EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/06 7:34 p.m.3 views

CVE-2026-30845 Wekan Exposes Sensitive Data through Lack of Field Filtering During Board Publication

Wekan is an open source kanban tool built with Meteor. In versions 8.31.0 through 8.33, the board composite publication in Wekan publishes all integration data for a board without any field filtering, exposing sensitive fields including webhook URLs and authentication tokens to any subscriber...

6.9CVSS5.7AI score0.00291EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/06 7:34 p.m.34 views

CVE-2026-30845 Wekan Exposes Sensitive Data through Lack of Field Filtering During Board Publication

Wekan is an open source kanban tool built with Meteor. In versions 8.31.0 through 8.33, the board composite publication in Wekan publishes all integration data for a board without any field filtering, exposing sensitive fields including webhook URLs and authentication tokens to any subscriber...

6.9CVSS0.00291EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/06 7:34 p.m.5 views

CVE-2026-30845

Wekan is an open source kanban tool built with Meteor. In versions 8.31.0 through 8.33, the board composite publication in Wekan publishes all integration data for a board without any field filtering, exposing sensitive fields including webhook URLs and authentication tokens to any subscriber...

6.9CVSS5.7AI score0.00291EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder