CVE-2026-2205 | WeKan up to 8.20 Meteor Publication cards.js CardPubSubBleed information disclosure

Inserito da Angelo Barbosa | Feb 8, 2026 | CVE

A vulnerability classified as problematic was found in WeKan up to 8.20. This affects an unknown part of the file server/publications/cards.js of the component Meteor Publication Handler. Such manipulation leads to information disclosure.

This vulnerability is listed as CVE-2026-2205. The attack may be performed from remote. There is no available exploit.

Upgrading the affected component is advised.

CVE-2026-2205 | WeKan up to 8.20 Meteor Publication cards.js CardPubSubBleed information disclosure

Post correlati

CVE-2024-1074 | Beaver Builder Plugin up to 2.7.4.2 on WordPress Audio Widget cross site scripting

CVE-2024-0158 | Dell CPG BIOS prior 3.21.0 UEFI Variable input validation (dsa-2024-030)

CVE-2024-30215 | SAP Business Connector 4.8 Resource Settings Page cross site scripting

CVE-2024-3552 | Web Directory Free Plugin up to 1.6.9 on WordPress sql injection