CVE-2026-1963 | WeKan up to 8.20 Attachment Storage models/attachments.js MoveStorageBleed access control

Inserito da Angelo Barbosa | Feb 5, 2026 | CVE

A vulnerability classified as critical was found in WeKan up to 8.20. This affects an unknown function of the file models/attachments.js of the component Attachment Storage. The manipulation results in improper access controls.

This vulnerability is cataloged as CVE-2026-1963. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is advised.

CVE-2026-1963 | WeKan up to 8.20 Attachment Storage models/attachments.js MoveStorageBleed access control

Post correlati

CVE-2025-55064 | Priority Web cross site scripting

CVE-2024-25952 | Dell PowerScale OneFS up to 9.3.0.0/9.4.0.16/9.5.0.7/9.7.0.0/9.7.0.1 symlink (dsa-2024-115)

CVE-2025-6344 | code-projects Online Shoe Store 1.0 /contactus.php email sql injection

CVE-2025-59739 | AndSoft e-TMS 25.03 LOGINFRM_original.ASP m os command injection