CVE-2026-2207

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions WeKan versions prior to 8.21

Description A weakness exists in WeKan related to the Activity Publication Handler component, specifically in the processing of the file server/publications/activities.js. A manipulation of this component can lead to information disclosure and can be launched remotely.

Recommendations Upgrade to version 8.21 to address the issue.

Fix

Improper Access Control

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284CWE-200

Related Identifiers

CVE-2026-2207

Affected Products

Wekan

CVE-2026-2207

Weakness Enumeration

Related Identifiers

Affected Products

References · 10