CVE-2026-2207 | WeKan up to 8.20 Activity Publication activities.js LinkedBoardActivitiesBleed information disclosure

Inserito da Angelo Barbosa | Feb 8, 2026 | CVE

A vulnerability, which was classified as problematic, was found in WeKan up to 8.20. This issue affects some unknown processing of the file server/publications/activities.js of the component Activity Publication Handler. Executing a manipulation can lead to information disclosure.

This vulnerability is registered as CVE-2026-2207. It is possible to launch the attack remotely. No exploit is available.

You should upgrade the affected component.

CVE-2026-2207 | WeKan up to 8.20 Activity Publication activities.js LinkedBoardActivitiesBleed information disclosure

Post correlati

CVE-2024-37498 | Pauple Table & Contact Form 7 Database Plugin up to 1.0.33 on WordPress information disclosure

CVE-2024-37039 | Schneider Electric Sage 4400 up to C3414-500-S02K5_P8 HTTP Request return value (SEVD-2024-163-05)

CVE-2024-26631 | Linux Kernel up to 5.15.147/6.1.74/6.6.13/6.7.1 IPv6 mld_ifc_stop_work denial of service

CVE-2024-27104 | GLPI up to 10.0.12 Dashboard cross site scripting