CVE-2026-25530
Authorization Bypass in Kanboard getSwimlane API Allows Data Exposure
Publication date: 2026-02-10
Last updated on: 2026-02-13
Assigner: GitHub, Inc.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| kanboard | kanboard | up to 1.2.50 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-639 | The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data. |
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade Kanboard to version 1.2.50 or later, where this vulnerability is fixed by adding proper project-level authorization checks in the getSwimlane API method.
If upgrading immediately is not possible, restrict access to the Kanboard API to trusted users only and monitor API usage for suspicious calls to getSwimlane or similar endpoints.
Additionally, review and apply any available patches or security advisories provided by Kanboard related to this issue.
Can you explain this vulnerability to me?
CVE-2026-25530 is an authorization bypass vulnerability in Kanboard's getSwimlane API method. Prior to version 1.2.50, this method did not perform proper project-level authorization checks, allowing authenticated users to access swimlane data from projects they are not authorized to view.

Specifically, the getSwimlane method returned swimlane data by ID without verifying if the requesting user had access rights to the associated project. This flaw allowed unauthorized users to retrieve metadata such as swimlane name, description, and project ID from restricted projects.

The vulnerability was fixed by adding explicit authorization checks that verify user permissions against the swimlane's associated project before returning any data. [2]
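As an added illustration of the CWE-639 pattern described above (not Kanboard's code; the data, names and functions are constructed), a lookup-by-ID with no project check beside its hardened form, which authorizes against the swimlane's owning project before returning any field:

```python
from dataclasses import dataclass
from typing import Dict, Optional, Set


@dataclass(frozen=True)
class Swimlane:
    id: int
    project_id: int
    name: str
    description: str


# Constructed sample data (hypothetical): two projects, one swimlane each.
SWIMLANES: Dict[int, Swimlane] = {
    1: Swimlane(1, 10, "Backlog", "Lane in a shared project"),
    2: Swimlane(2, 20, "Legal review", "Lane in a restricted project"),
}
# Constructed membership table: user_id -> project_ids that user may view.
PROJECT_MEMBERS: Dict[int, Set[int]] = {
    100: {10},      # low-privilege user, member of project 10 only
    200: {10, 20},  # member of both projects
}


class AccessDenied(Exception):
    """Raised when the caller may not see the requested record."""


def serialize(lane: Swimlane) -> dict:
    return {"id": lane.id, "project_id": lane.project_id,
            "name": lane.name, "description": lane.description}


def get_swimlane_vulnerable(user_id: int, swimlane_id: int) -> Optional[dict]:
    """CWE-639 pattern: the record is fetched by its ID and returned with no
    check that user_id may view the project it belongs to (user_id is unused)."""
    lane = SWIMLANES.get(swimlane_id)
    return serialize(lane) if lane else None


def user_can_view_project(user_id: int, project_id: int) -> bool:
    return project_id in PROJECT_MEMBERS.get(user_id, set())


def get_swimlane_fixed(user_id: int, swimlane_id: int) -> dict:
    """Hardened pattern: resolve the swimlane, then authorize against its
    owning project before any field is returned. Unknown and forbidden IDs
    raise the same error, so the response does not confirm that the project
    or swimlane exists."""
    lane = SWIMLANES.get(swimlane_id)
    if lane is None or not user_can_view_project(user_id, lane.project_id):
        raise AccessDenied("swimlane not accessible")
    return serialize(lane)
```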
How can this vulnerability impact me?
This vulnerability allows authenticated users with low privileges to access swimlane metadata from projects they do not have permission to view.
- Unauthorized disclosure of project swimlane information such as names and descriptions.
- Exposure of project existence confirmation through the revealed project IDs.
While the impact is limited to confidentiality (metadata exposure), it can lead to information leakage that might aid attackers in further reconnaissance or social engineering.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to access swimlane data from projects for which the authenticated user does not have permission. Specifically, an authenticated user can call the getSwimlane API method with a swimlane ID belonging to a project they should not access and observe if the swimlane metadata is returned.

A practical detection method is to use an HTTP client or API testing tool to send a request to the getSwimlane API endpoint with a swimlane ID from an unauthorized project and check if the response includes swimlane data instead of an authorization error.

Example command using curl (replace placeholders with actual values):

```shell
curl -H "Authorization: Bearer <token>" https://<kanboard-server>/api/getSwimlane/<swimlane_id>
```

If the response returns swimlane details for a project the user should not access, the system is vulnerable. [2]