CVE-2026-1964 – WeKan REST Endpoint boards.js BoardTitleRESTBleed access control

CVE ID : CVE-2026-1964

Published : Feb. 5, 2026, 10:15 p.m. | 1 hour, 3 minutes ago

Description : A vulnerability was determined in WeKan up to 8.20. This impacts an unknown function of the file models/boards.js of the component REST Endpoint. This manipulation causes improper access controls. Remote exploitation of the attack is possible. Upgrading to version 8.21 will fix this issue. Patch name: 545566f5663545d16174e0f2399f231aa693ab6e. It is advisable to upgrade the affected component.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…