CVE-2026-25859

UNKNOWN 0.0

WeKan < 8.20 Migration Functionality Insufficient Permission Checks

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Wekan versions prior to 8.20 allow non-administrative users to access migration functionality due to insufficient permission checks, potentially resulting in unauthorized migration operations.

CWE	CWE-863
Vendor	wekan
Product	wekan
Published	Feb 7, 2026
Last Updated	Mar 5, 2026

Stay Ahead of the Next One

Get instant alerts for wekan wekan

Be the first to know when new unknown vulnerabilities affecting wekan wekan are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

WeKan / WeKan

0 < 8.20

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/wekan/wekan/commit/cbb1cd78de3e40264a5e047ace0ce27f8635b4e6 wekan.fi: https://wekan.fi/ vulncheck.com: https://www.vulncheck.com/advisories/wekan-migration-functionality-insufficient-permission-checks

Credits

Joshua Rogers