CVE-2026-2209

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2026-2209

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-2209.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2026-2209

Published

2026-02-08T02:15:57.820Z

Modified

2026-03-13T21:46:44.518006Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

A vulnerability was detected in WeKan up to 8.18. The affected element is the function setCreateTranslation of the file client/components/settings/translationBody.js of the component Custom Translation Handler. The manipulation results in improper authorization. The attack can be launched remotely. Upgrading to version 8.19 is sufficient to fix this issue. The patch is identified as f244a43771f6ebf40218b83b9f46dba6b940d7de. It is suggested to upgrade the affected component.

References

Affected packages

Git / github.com/wekan/wekan

Affected ranges

Type

GIT

Repo

https://github.com/wekan/wekan

Events

Introduced

Fixed

e09e9114aaae041d1cdc8b200f0a116b291d6278

Fixed

f244a43771f6ebf40218b83b9f46dba6b940d7de

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "8.19"
        }
    ]
}

Affected versions

2.*

2.52

4.*

4.30

4.31

Other

stable

v0.*

v0.10-rc2

v0.10.0

v0.10.0-rc1

v0.10.0-rc3

v0.10.0-rc4

v0.10.1

v0.11.0-rc1

v0.11.0-rc2

v0.11.1-rc1

v0.11.1-rc2

v0.12

v0.13

v0.16

v0.17

v0.18

v0.19

v0.20

v0.21

v0.22

v0.23

v0.24

v0.25

v0.26

v0.27

v0.28

v0.29

v0.30

v0.31

v0.32

v0.33

v0.34

v0.35

v0.36

v0.37

v0.38

v0.39

v0.40

v0.41

v0.42

v0.43

v0.44

v0.45

v0.46

v0.47

v0.48

v0.49

v0.50

v0.51

v0.52

v0.53

v0.54

v0.55

v0.56

v0.57

v0.58

v0.59

v0.60

v0.61

v0.62

v0.63

v0.64

v0.65

v0.66

v0.67

v0.68

v0.69

v0.70

v0.71

v0.72

v0.73

v0.74

v0.75

v0.76

v0.77

v0.78

v0.79

v0.80

v0.81

v0.82

v0.83

v0.84

v0.85

v0.86

v0.87

v0.88

v0.89

v0.9

v0.9.0-rc1

v0.9.0-rc2

v0.90

v0.91

v0.92

v0.93

v0.94

v0.95

v0.96

v0.97

v0.98

v0.99

v1.*

v1.00

v1.01

v1.02

v1.03

v1.04

v1.05

v1.06

v1.07

v1.08

v1.09

v1.10

v1.11

v1.12

v1.13

v1.14

v1.15

v1.16

v1.17

v1.18

v1.19

v1.20

v1.21

v1.23

v1.24

v1.25

v1.26

v1.27

v1.29

v1.30

v1.31

v1.32

v1.33

v1.34

v1.35

v1.36

v1.37

v1.38

v1.39

v1.40

v1.41

v1.42

v1.43

v1.44

v1.45

v1.46

v1.47

v1.48

v1.49

v1.49-edge-1

v1.49.1

v1.50

v1.50.1

v1.50.2

v1.50.3

v1.51

v1.51.1

v1.51.2

v1.52

v1.52.1

v1.53

v1.53.1

v1.53.2

v1.53.3

v1.53.4

v1.53.5

v1.53.6

v1.53.7

v1.53.8

v1.53.9

v1.54

v1.55

v1.55.1

v1.57

v1.58

v1.59

v1.60

v1.61

v1.62

v1.63

v1.64

v1.64.1

v1.64.2

v1.65

v1.66

v1.67

v1.68

v1.69

v1.69.2

v1.70

v1.71

v1.72

v1.73

v1.74

v1.74.1

v1.75

v1.76

v1.77

v1.78

v1.79

v1.80

v1.81

v1.82

v1.83

v1.84

v1.85

v1.86

v1.87

v1.88

v1.89

v1.90

v1.91

v1.92

v1.93

v1.94

v1.95

v1.96

v1.97

v1.98

v1.99

v2.*

v2.00

v2.01

v2.02

v2.03

v2.04

v2.05

v2.06

v2.07

v2.08

v2.09

v2.10

v2.11

v2.12

v2.13

v2.14

v2.15

v2.16

v2.17

v2.18

v2.19

v2.20

v2.21

v2.22

v2.23

v2.24

v2.25

v2.26

v2.27

v2.28

v2.29

v2.30

v2.31

v2.32

v2.33

v2.34

v2.35

v2.36

v2.37

v2.38

v2.39

v2.40

v2.41

v2.42

v2.43

v2.44

v2.45

v2.46

v2.47

v2.48

v2.49

v2.50

v2.51

v2.52

v2.53

v2.54

v2.55

v2.55.1

v2.56

v2.56.1

v2.57

v2.58

v2.59

v2.60

v2.60.1

v2.61

v2.62

v2.63

v2.64

v2.65

v2.66

v2.67

v2.68

v2.69

v2.70

v2.71

v2.72

v2.73

v2.74

v2.75

v2.76

v2.77

v2.78

v2.79

v2.80

v2.81

v2.82

v2.83

v2.84

v2.85

v2.86

v2.87

v2.88

v2.89

v2.90

v2.91

v2.92

v2.94

v2.98

v2.99

v3.*

v3.00

v3.01

v3.02

v3.03

v3.04

v3.05

v3.06

v3.07

v3.08

v3.09

v3.10

v3.11

v3.12

v3.13

v3.14

v3.15

v3.16

v3.17

v3.18

v3.19

v3.20

v3.21

v3.22

v3.23

v3.24

v3.25

v3.26

v3.27

v3.29

v3.30

v3.31

v3.32

v3.33

v3.34

v3.35

v3.36

v3.37

v3.38

v3.39

v3.40

v3.41

v3.42

v3.43

v3.44

v3.45

v3.46

v3.47

v3.48

v3.49

v3.50

v3.51

v3.52

v3.53

v3.54

v3.55

v3.56

v3.57

v3.58

v3.59

v3.60

v3.61

v3.62

v3.63

v3.64

v3.65

v3.66

v3.67

v3.68

v3.69

v3.70

v3.71

v3.73

v3.74

v3.75

v3.76

v3.77

v3.78

v3.79

v3.80

v3.81

v3.82

v3.83

v3.84

v3.85

v3.86

v3.87

v3.88

v3.89

v3.90

v3.91

v3.92

v3.93

v3.94

v3.95

v3.96

v3.97

v3.98

v3.99

v4.*

v4.00

v4.01

v4.02

v4.03

v4.04

v4.05

v4.06

v4.07

v4.08

v4.09

v4.10

v4.11

v4.12

v4.13

v4.14

v4.15

v4.16

v4.17

v4.18

v4.19

v4.20

v4.21

v4.22

v4.23

v4.24

v4.25

v4.26

v4.27

v4.28

v4.29

v4.32

v4.33

v4.34

v4.35

v4.36

v4.37

v4.38

v4.39

v4.40

v4.41

v4.42

v4.43

v4.44

v4.45

v4.46

v4.47

v4.48

v4.49

v4.50

v4.51

v4.52

v4.53

v4.54

v4.55

v4.56

v4.57

v4.58

v4.59

v4.60

v4.61

v4.62

v4.63

v4.64

v4.65

v4.66

v4.67

v4.68

v4.69

v4.70

v4.71

v4.72

v4.73

v4.74

v4.75

v4.76

v4.77

v4.78

v4.79

v4.80

v4.81

v4.82

v4.83

v4.84

v4.85

v4.86

v4.87

v4.88

v4.89

v4.90

v4.91

v4.92

v4.93

v4.94

v4.95

v4.96

v4.98

v4.99

v5.*

v5.00

v5.01

v5.02

v5.03

v5.04

v5.05

v5.06

v5.07

v5.08

v5.09

v5.10

v5.11

v5.12

v5.13

v5.14

v5.15

v5.16

v5.17

v5.18

v5.19

v5.20

v5.21

v5.22

v5.23

v5.24

v5.25

v5.26

v5.27

v5.28

v5.29

v5.30

v5.31

v5.32

v5.33

v5.34

v5.35

v5.36

v5.37

v5.38

v5.39

v5.40

v5.41

v5.42

v5.43

v5.44

v5.45

v5.46

v5.47

v5.48

v5.49

v5.50

v5.51

v5.52

v5.53

v5.54

v5.55

v5.56

v5.57

v5.58

v5.59

v5.60

v5.61

v5.62

v5.63

v5.64

v5.65

v5.66

v5.67

v5.68

v5.69

v5.70

v5.71

v5.72

v5.73

v5.74

v5.75

v5.76

v5.77

v5.78

v5.79

v5.80

v5.81

v5.82

v5.83

v5.84

v5.85

v5.86

v5.87

v5.88

v5.89

v5.90

v5.91

v5.92

v5.93

v5.94

v5.95

v5.96

v5.97

v5.98

v5.99

v6.*

v6.00

v6.01

v6.02

v6.03

v6.04

v6.05

v6.06

v6.07

v6.08

v6.09

v6.10

v6.11

v6.12

v6.13

v6.14

v6.15

v6.16

v6.17

v6.18

v6.19

v6.20

v6.21

v6.22

v6.23

v6.24

v6.25

v6.26

v6.27

v6.28

v6.29

v6.30

v6.31

v6.32

v6.33

v6.34

v6.35

v6.36

v6.37

v6.38

v6.39

v6.40

v6.41

v6.42

v6.43

v6.44

v6.45

v6.46

v6.47

v6.48

v6.49

v6.50

v6.51

v6.52

v6.53

v6.54

v6.55

v6.56

v6.57

v6.58

v6.59

v6.60

v6.61

v6.62

v6.63

v6.64

v6.65

v6.67

v6.68

v6.69

v6.70

v6.71

v6.72

v6.73

v6.74

v6.75

v6.76

v6.77

v6.78

v6.79

v6.80

v6.81

v6.82

v6.83

v6.84

v6.85

v6.86

v6.87

v6.88

v6.89

v6.90

v6.91

v6.92

v6.93

v6.94

v6.95

v6.96

v6.97

v6.98

v6.99

v6.99.1

v6.99.2

v6.99.3

v6.99.4

v6.99.5

v6.99.6

v6.99.7

v6.99.8

v6.99.9

v7.*

v7.00

v7.01

v7.02

v7.03

v7.04

v7.05

v7.06

v7.07

v7.08

v7.09

v7.10

v7.11

v7.12

v7.14

v7.15

v7.16

v7.17

v7.18

v7.19

v7.20

v7.21

v7.22

v7.23

v7.24

v7.25

v7.26

v7.27

v7.28

v7.29

v7.30

v7.31

v7.32

v7.33

v7.34

v7.35

v7.36

v7.37

v7.38

v7.39

v7.40

v7.41

v7.42

v7.43

v7.44

v7.45

v7.46

v7.47

v7.48

v7.49

v7.50

v7.51

v7.52

v7.53

v7.54

v7.55

v7.56

v7.57

v7.58

v7.59

v7.60

v7.61

v7.62

v7.63

v7.64

v7.65

v7.67

v7.68

v7.69

v7.70

v7.71

v7.72

v7.73

v7.74

v7.75

v7.76

v7.77

v7.78

v7.79

v7.80

v7.81

v7.82

v7.83

v7.84

v7.85

v7.86

v7.87

v7.88

v7.89

v7.90

v7.91

v7.92

v7.93

v7.95

v7.96

v7.97

v7.98

v7.99

v8.*

v8.00

v8.01

v8.02

v8.03

v8.04

v8.05

v8.06

v8.07

v8.08

v8.09

v8.10

v8.11

v8.12

v8.14

v8.15

v8.16

v8.17

v8.18

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-2209.json"