Lucene search
K

5 matches found

CVE
CVE
added 2026/02/05 9:32 p.m.15 views

CVE-2026-1964

CVE-2026-1964 affects WeKan up to version 8.20, in the REST Endpoint’s models/boards.js, causing improper access controls. The vulnerability enables remote exploitation as described across multiple sources, with upgrade to 8.21 and official patch 545566f5663545d16174e0f2399f231aa693ab6e recommend...

5.3CVSS5AI score0.00218EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/05 12:0 a.m.10 views

PT-2026-6076

Name of the Vulnerable Software and Affected Versions WeKan versions prior to 8.21 Description A flaw exists in WeKan related to missing authorization within the Position-History Tracking component, specifically in the file server/methods/positionHistory.js. This issue allows for remote...

5.3CVSS5.4AI score0.003EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2026/02/04 11:32 p.m.6 views

CVE-2026-1896

A vulnerability has been found in WeKan up to 8.20. Affected by this vulnerability is the function ComprehensiveBoardMigration of the file server/migrations/comprehensiveBoardMigration.js of the component Migration Operation Handler. The manipulation of the argument boardId leads to improper acce...

6.5CVSS6AI score0.00276EPSS
Exploits0References7
OSV
OSV
added 2026/02/04 11:32 p.m.5 views

CVE-2026-1896 WeKan Migration Operation comprehensiveBoardMigration.js ComprehensiveBoardMigration MigrationBleed access control

A vulnerability has been found in WeKan up to 8.20. Affected by this vulnerability is the function ComprehensiveBoardMigration of the file server/migrations/comprehensiveBoardMigration.js of the component Migration Operation Handler. The manipulation of the argument boardId leads to improper acce...

5.3CVSS5.5AI score0.00276EPSS
Exploits0References8
OSV
OSV
added 2021/05/26 8:15 p.m.2 views

CVE-2021-22731

Weak Password Recovery Mechanism for Forgotten Password vulnerability exists on Modicon Managed Switch MCSESM and MCSESP V8.21 and prior which could cause an unauthorized password change through HTTP / HTTPS when basic user information is known by a remote attacker...

9.8CVSS7.4AI score0.014EPSS
Exploits0References1
Rows per page
Query Builder