PatchSiren cyber security CVE debrief
CVE-2026-41454 wekan CVE debrief
CVE-2026-41454 is a high-severity vulnerability in Wekan before version 8.35. The issue is a missing authorization vulnerability in the Integration REST API endpoints. This allows authenticated board members to perform administrative actions without proper privilege verification. The vulnerability has a CVSS score of 8.7 and is considered high severity. Affected users should update to version 8.35 or later and review their instances for unauthorized integrations.
- Vendor
- wekan
- Product
- Unknown
- CVSS
- HIGH 8.7
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-04-22
- Original CVE updated
- 2026-07-14
- Advisory published
- 2026-04-22
- Advisory updated
- 2026-07-14
Who should care
Users of Wekan versions before 8.35 should be aware of this vulnerability and take steps to mitigate it. This includes administrators of Wekan instances who need to ensure that their instances are updated to version 8.35 or later and review their integration configurations for potential security risks.
Technical summary
The vulnerability exists in the Integration REST API endpoints of Wekan before version 8.35. Insufficient authorization checks in the JsonRoutes REST handlers allow authenticated board members to enumerate integrations, including webhook URLs, create new integrations, modify or delete existing integrations, and manage integration activities. This could lead to unauthorized administrative actions. Affected users should review their instances for unauthorized integrations and ensure proper privilege verification for administrative actions. Additionally, users should verify the configuration of their integrations to prevent potential security risks. It is also recommended to monitor Wekan instances for suspicious activity related to integrations.
Defensive priority
High priority should be given to updating Wekan instances to version 8.35 or later. Additionally, administrators should review their instances for any unauthorized integrations and take steps to secure them.
Recommended defensive actions
- Update Wekan to version 8.35 or later
- Review Wekan instances for unauthorized integrations
- Monitor Wekan instances for suspicious activity
- Confirm whether affected Wekan deployments exist in managed environments and assign an owner for follow-up
- Review compensating controls for exposed Wekan systems while remediation is scheduled and verified
- Check relevant monitoring, detection, and logs for exposed Wekan assets that need extra review
- Track exceptions, retest remediated Wekan assets, and close the item only after evidence is documented
Evidence notes
The CVE record was published on 2026-04-22T22:16:32.497Z and was last modified on 2026-07-14T21:16:50.203Z. The NVD entry is currently Deferred. Evidence is limited to CVE and NVD information. Defenders should verify affected Wekan instances and review integration configurations for potential unauthorized access.
Official resources
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-04-22T22:16:32.497Z and has not been modified since then. The NVD entry is currently Deferred.