Vulnerabilities

CVE-2026-2207 - WeKan Activity Publication activities.js LinkedBoardActivitiesBleed information d...

2026-02-08 0 views admin

CVE ID : CVE-2026-2207 Published : Feb. 8, 2026, 2:15 a.m. | 1 hour, 11 minutes ago Description : A weakness has been identified in WeKan up to 8.20. This issue affects some unknown processing of the file server/publications/activities.js of the component Activity Publication Handler. Executing a manipulation can lead to information disclosure. It is possible to launch the attack remotely. Upgrading to version 8.21 is capable of addressing this issue. This patch is called 91a936e07d2976d4246dfe834281c3aaa87f9503. You should upgrade the affected component. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-2207

Severity

MEDIUM

Published

Feb. 8, 2026

Impact: information disclosure

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2026-2207medium

CVE-2026-2207 - WeKan Activity Publication activities.js LinkedBoardActivitiesBleed information d...

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2025-15100 - JAY Login & Register <= 2.6.03 - authenticated (subscriber+) privilege escalatio...

CVE-2025-15027 - JAY Login & Register <= 2.6.03 - unauthenticated privilege escalation via jay_lo...

CVE-2026-2209 - WeKan Custom Translation translationBody.js setCreateTranslation improper authori...

CVE-2026-2206 - WeKan Administrative Repair fixDuplicateLists.js FixDuplicateBleed access control

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting