CVE-2026-33058

High CVSS: 8.4

Kanboard is project management software focused on Kanban methodology. Versions prior to 1.2.51 have an authenticated SQL injection vulnerability. Attackers with the permission to add users to a project can leverage this vulnerability to dump the entirety of the kanboard database. Version 1.2.51 fixes the issue.

Vendor

Kanboard

Product

Kanboard

CWE

CWE-89

Yayın Tarihi

2026-03-18 04:17:27

Güncelleme

2026-03-18 17:52:14

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-89 Kanboard HIGH Kanboard 2026

Referanslar

https://github.com/kanboard/kanboard/security/advisories/GHSA-f62r-m4mr-2xhh

Benzer Kayıtlar

High

CVE-2026-29056

Kanboard is project management software focused on Kanban methodology. Prior to 1.2.51, Kanboard's user invite registrat…

Medium

CVE-2026-25531

Kanboard is project management software focused on Kanban methodology. Prior to 1.2.50, The fix for CVE-2023-33968 is in…

High

CVE-2026-25924

Kanboard is project management software focused on Kanban methodology. Prior to 1.2.50, a security control bypass vulner…

Medium

CVE-2026-25530

Kanboard is project management software focused on Kanban methodology. Prior to 1.2.50, the getSwimlane API method lacks…

Medium

CVE-2026-24885

Kanboard is project management software focused on Kanban methodology. Prior to 1.2.50, a Cross-Site Request Forgery (CS…

Medium

CVE-2026-21879

Kanboard is project management software focused on Kanban methodology. Versions 1.2.48 and below are vulnerable to an Op…