CVE-2026-1895 | WeKan up to 8.20 Attachment Storage models/lists.js applyWipLimit ListWIPBleed access control

Inserito da Angelo Barbosa | Feb 4, 2026 | CVE

A vulnerability was found in WeKan up to 8.20. It has been declared as critical. Affected is the function applyWipLimit of the file models/lists.js of the component Attachment Storage Handler. Executing a manipulation can lead to improper access controls.

This vulnerability is handled as CVE-2026-1895. The attack can be executed remotely. There is not any exploit available.

It is recommended to upgrade the affected component.

CVE-2026-1895 | WeKan up to 8.20 Attachment Storage models/lists.js applyWipLimit ListWIPBleed access control

Post correlati

CVE-2025-6422 | Campcodes Online Recruitment Management System 1.0 About Content Page ajax.php?action=save_settings img unrestricted upload

CVE-2023-49231 | Stilog Visual Planning 8 Administrative API Token improper authentication

CVE-2025-0205 | code-projects Online Shoe Store 1.0 /details2.php id sql injection

CVE-2024-41236 | Kashipara Responsive School Management System 3.2.0 Admin Login Page /smsa/admin_login.php username sql injection