CVE-2026-25562 | WeKan up to 8.18 Attachment Metadata attachments.js information exposure

Inserito da Angelo Barbosa | Feb 8, 2026 | CVE

A vulnerability classified as problematic has been found in WeKan up to 8.18. Affected by this issue is some unknown functionality of the file server/publications/attachments.js of the component Attachment Metadata Handler. This manipulation causes information exposure through discrepancy.

This vulnerability is tracked as CVE-2026-25562. The attack is possible to be carried out remotely. No exploit exists.

It is recommended to upgrade the affected component.

CVE-2026-25562 | WeKan up to 8.18 Attachment Metadata attachments.js information exposure

Post correlati

CVE-2025-59039 | prebid-universal-creative 1.17.3 JavaScript API Prebid.js malicious code (GHSA-m662-56rj-8fmm)

CVE-2025-15014 | loganhong php loganSite up to c035fb5c3edd0b2a5e32fd4051cbbc9e61a31426 Article article_detail.php ID sql injection

CVE-2022-24809 | Net-SNMP up to 5.9.1 OID nsVacmAccessTable null pointer dereference

CVE-2024-32326 | Totolink EX200 4.0.3c.7646_B20201211 setWiFiExtenderConfig key cross site scripting