CVE-2026-25560

Name of the Vulnerable Software and Affected Versions WeKan versions prior to 8.19

Description The software contains an LDAP filter injection issue in LDAP authentication. User-supplied input from the username is used in LDAP search filters and DN-related values without proper escaping. This allows manipulation of LDAP queries during authentication.

Recommendations Update to version 8.19 or later.