CVE-2026-25562

Name of the Vulnerable Software and Affected Versions WeKan versions prior to 8.19

Description WeKan versions before 8.19 have an issue where attachment metadata might be revealed to users who should not have access. This happens because the system doesn’t properly limit which attachment details are shown to each user, potentially exposing information about attachments on boards and cards they aren’t authorized to view.

Recommendations Update WeKan to version 8.19 or later.