A vulnerability categorized as critical has been discovered in Wekan up to 9.31. This affects the function
onCreateUser of the file server/models/users.js of the component Accounts. Such manipulation leads to improper authentication.
This vulnerability is documented as CVE-2026-52893. The attack can be executed remotely. There is not any exploit available.