CVE-2026-2206 | WeKan up to 8.20 Administrative Repair fixDuplicateLists.js FixDuplicateBleed access control

Inserito da Angelo Barbosa | Feb 8, 2026 | CVE

A vulnerability, which was classified as critical, has been found in WeKan up to 8.20. This vulnerability affects unknown code of the file server/methods/fixDuplicateLists.js of the component Administrative Repair Handler. Performing a manipulation results in improper access controls.

This vulnerability is cataloged as CVE-2026-2206. It is possible to initiate the attack remotely. There is no exploit available.

It is advisable to upgrade the affected component.

CVE-2026-2206 | WeKan up to 8.20 Administrative Repair fixDuplicateLists.js FixDuplicateBleed access control

Post correlati

CVE-2025-4039 | PHPGurukul Rail Pass Management System 1.0 /admin/search-pass.php searchdata sql injection

CVE-2023-6859 | Mozilla Thunderbird up to 120 TLS Socket use after free

VDB-278460 | Google Bazel config

CVE-2025-1247 | Quarkus REST up to 3.18.1 information disclosure