PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-41454 wekan CVE debrief

CVE-2026-41454 is a high-severity vulnerability in Wekan before version 8.35. The issue is a missing authorization vulnerability in the Integration REST API endpoints. This allows authenticated board members to perform administrative actions without proper privilege verification. The vulnerability has a CVSS score of 8.7 and is considered high severity. Affected users should update to version 8.35 or later and review their instances for unauthorized integrations.

Vendor
wekan
Product
Unknown
CVSS
HIGH 8.7
CISA KEV
Not listed in stored evidence
Original CVE published
2026-04-22
Original CVE updated
2026-07-14
Advisory published
2026-04-22
Advisory updated
2026-07-14

Who should care

Users of Wekan versions before 8.35 should be aware of this vulnerability and take steps to mitigate it. This includes administrators of Wekan instances who need to ensure that their instances are updated to version 8.35 or later and review their integration configurations for potential security risks.

Technical summary

The vulnerability exists in the Integration REST API endpoints of Wekan before version 8.35. Insufficient authorization checks in the JsonRoutes REST handlers allow authenticated board members to enumerate integrations, including webhook URLs, create new integrations, modify or delete existing integrations, and manage integration activities. This could lead to unauthorized administrative actions. Affected users should review their instances for unauthorized integrations and ensure proper privilege verification for administrative actions. Additionally, users should verify the configuration of their integrations to prevent potential security risks. It is also recommended to monitor Wekan instances for suspicious activity related to integrations.

Defensive priority

High priority should be given to updating Wekan instances to version 8.35 or later. Additionally, administrators should review their instances for any unauthorized integrations and take steps to secure them.

Recommended defensive actions

  • Update Wekan to version 8.35 or later
  • Review Wekan instances for unauthorized integrations
  • Monitor Wekan instances for suspicious activity
  • Confirm whether affected Wekan deployments exist in managed environments and assign an owner for follow-up
  • Review compensating controls for exposed Wekan systems while remediation is scheduled and verified
  • Check relevant monitoring, detection, and logs for exposed Wekan assets that need extra review
  • Track exceptions, retest remediated Wekan assets, and close the item only after evidence is documented

Evidence notes

The CVE record was published on 2026-04-22T22:16:32.497Z and was last modified on 2026-07-14T21:16:50.203Z. The NVD entry is currently Deferred. Evidence is limited to CVE and NVD information. Defenders should verify affected Wekan instances and review integration configurations for potential unauthorized access.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-04-22T22:16:32.497Z and has not been modified since then. The NVD entry is currently Deferred.