CVE-2026-2208
Unknown Unknown - Not Provided
Authorization Bypass in WeKan Rules Handler Allows Remote Access

Publication date: 2026-02-08

Last updated on: 2026-02-11

Assigner: VulDB

Description
A security vulnerability has been detected in WeKan up to 8.20. Impacted is an unknown function of the file server/publications/rules.js of the component Rules Handler. The manipulation leads to missing authorization. The attack can be initiated remotely. Upgrading to version 8.21 is recommended to address this issue. The identifier of the patch is a787bcddf33ca28afb13ff5ea9a4cb92dceac005. The affected component should be upgraded.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-08
Last Modified
2026-02-11
Generated
2026-06-16
AI Q&A
2026-02-08
EPSS Evaluated
2026-06-15
NVD
CVE-2026-2208
EUVD
EUVD-2026-5821
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
wekan_project wekan to 8.21 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
CWE-863 The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-2208 is an authorization vulnerability in WeKan versions up to 8.20, specifically in the Rules Handler component within the file server/publications/rules.js. The vulnerability occurs because the system fails to properly check if a user is authorized before granting access to certain rule-related data. This missing authorization flaw allows remote attackers to access sensitive administrative data without proper permissions.

The issue is classified under CWE-862 (missing authorization) and can be exploited remotely without requiring local access or physical interaction. The vulnerability is moderate in severity with a CVSSv3 base score of 4.3.

Impact Analysis

This vulnerability can impact you by allowing unauthorized users to remotely access sensitive administrative data related to rules, triggers, actions, and reports within the Wekan platform. Such unauthorized access can lead to information disclosure, potentially exposing confidential or sensitive configuration details.

Although the vulnerability does not directly allow modification or destruction of data, the exposure of administrative automation data could aid attackers in further exploiting the system or understanding its internal configurations.

Compliance Impact

I don't know

Detection Guidance

This vulnerability involves missing authorization checks in the Wekan application, specifically in the server/publications/rules.js file. Detection would involve verifying if unauthorized access to rules, triggers, actions, or reports data is possible remotely without proper authentication or admin privileges.

Since the vulnerability is related to unauthorized data exposure via Meteor publications, detection could include monitoring network traffic for unauthorized API calls to these publications or attempting to access these endpoints without authentication or admin rights.

No specific detection commands are provided in the available resources.

Mitigation Strategies

The primary and recommended mitigation step is to upgrade Wekan to version 8.21 or later, which includes the patch that fixes this authorization vulnerability.

The patch (commit a787bcddf33ca28afb13ff5ea9a4cb92dceac005) enforces strict user authentication and authorization checks in the server/publications/rules.js file, ensuring only authenticated users with appropriate admin privileges can access sensitive rule-related data.

Until the upgrade can be applied, restrict access to the Wekan instance to trusted users only and monitor for any suspicious access attempts to the rules, triggers, actions, and reports data.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-2208. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart