CVE-2026-25565

WeKan versions prior to 8.19 contain an authorization vulnerability where certain card update API paths validate only board read access rather than requiring write permission. This can allow users with read-only roles to perform card updates that should require write access.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/wekan/wekan/commit/181f837d8cbae96bdf9dcbd31beaa3653c2c0285	Patch
https://wekan.fi/	Product
https://www.vulncheck.com/advisories/wekan-read-only-board-roles-can-update-cards	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:wekan_project:wekan:*:*:*:*:*:*:*:*

History

17 Jun 2026, 10:24

Type	Values Removed	Values Added
Summary		(es) Las versiones de WeKan anteriores a la 8.19 contienen una vulnerabilidad de autorización donde ciertas rutas de la API de actualización de tarjetas validan solo el acceso de lectura al tablero en lugar de requerir permiso de escritura. Esto puede permitir a usuarios con roles de solo lectura realizar actualizaciones de tarjetas que deberían requerir acceso de escritura.

10 Feb 2026, 21:57

Type	Values Removed	Values Added
CPE		cpe:2.3:a:wekan_project:wekan::::::::
First Time		Wekan Project wekan Wekan Project
References	~~() https://github.com/wekan/wekan/commit/181f837d8cbae96bdf9dcbd31beaa3653c2c0285 -~~	() https://github.com/wekan/wekan/commit/181f837d8cbae96bdf9dcbd31beaa3653c2c0285 - Patch
References	~~() https://wekan.fi/ -~~	() https://wekan.fi/ - Product
References	~~() https://www.vulncheck.com/advisories/wekan-read-only-board-roles-can-update-cards -~~	() https://www.vulncheck.com/advisories/wekan-read-only-board-roles-can-update-cards - Third Party Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.5

07 Feb 2026, 22:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-07 22:16

Updated : 2026-06-17 10:24

NVD link : CVE-2026-25565

Mitre link : CVE-2026-25565

CVE.ORG link : CVE-2026-25565

JSON object : View

Products Affected

wekan_project

wekan

CWE

CWE-863

Incorrect Authorization

{"id": "CVE-2026-25565", "cveTags": [], "metrics": {"ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2026-25565", "role": "CISA Coordinator", "options": [{"exploitation": "none"}, {"automatable": "no"}, {"technicalImpact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-10T16:26:31.823422Z"}}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}], "cvssMetricV40": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 7.1, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "affected": [{"source": "disclosure@vulncheck.com", "affectedData": [{"repo": "https://github.com/wekan/wekan", "vendor": "WeKan", "product": "WeKan", "versions": [{"status": "affected", "version": "0", "lessThan": "8.19", "versionType": "custom"}], "defaultStatus": "unaffected"}]}], "published": "2026-02-07T22:16:02.043", "references": [{"url": "https://github.com/wekan/wekan/commit/181f837d8cbae96bdf9dcbd31beaa3653c2c0285", "tags": ["Patch"], "source": "disclosure@vulncheck.com"}, {"url": "https://wekan.fi/", "tags": ["Product"], "source": "disclosure@vulncheck.com"}, {"url": "https://www.vulncheck.com/advisories/wekan-read-only-board-roles-can-update-cards", "tags": ["Third Party Advisory"], "source": "disclosure@vulncheck.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "description": [{"lang": "en", "value": "CWE-863"}]}], "descriptions": [{"lang": "en", "value": "WeKan versions prior to 8.19 contain an authorization vulnerability where certain card update API paths validate only board read access rather than requiring write permission. This can allow users with read-only roles to perform card updates that should require write access."}, {"lang": "es", "value": "Las versiones de WeKan anteriores a la 8.19 contienen una vulnerabilidad de autorizaci\u00f3n donde ciertas rutas de la API de actualizaci\u00f3n de tarjetas validan solo el acceso de lectura al tablero en lugar de requerir permiso de escritura. Esto puede permitir a usuarios con roles de solo lectura realizar actualizaciones de tarjetas que deber\u00edan requerir acceso de escritura."}], "lastModified": "2026-06-17T10:24:51.890", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:wekan_project:wekan:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE76E9D8-332F-4A27-9690-CEEF9504B520", "versionEndExcluding": "8.19"}], "operator": "OR"}]}], "sourceIdentifier": "disclosure@vulncheck.com"}