CVE-2026-2205 | WeKan up to 8.20 Meteor Publication cards.js CardPubSubBleed information disclosure

Inserito da Angelo Barbosa | Feb 8, 2026 | CVE

A vulnerability classified as problematic was found in WeKan up to 8.20. This affects an unknown part of the file server/publications/cards.js of the component Meteor Publication Handler. Such manipulation leads to information disclosure.

This vulnerability is listed as CVE-2026-2205. The attack may be performed from remote. There is no available exploit.

Upgrading the affected component is advised.

CVE-2026-2205 | WeKan up to 8.20 Meteor Publication cards.js CardPubSubBleed information disclosure

Post correlati

CVE-2024-1096 | Filseclab Twister Antivirus 8.17 IOCTL fildds.sys input validation

CVE-2024-36041 | KDE Plasma Workspace Session Restore ksmserver/server.cpp user session

CVE-2024-44017 | MinHyeong Lim MH Board Plugin up to 1.3.2.1 on WordPress path traversal

CVE-2024-51569 | Apache NimBLE up to 1.7.0 HCI Event Parser out-of-bounds