关键漏洞信息 Vulnerability ID: CVE-2026-1895 Product: WeKan Affected Versions: up to 8.20 Component: Attachment Storage Handler File Location: 受影响函数: CVSS Meta Temp Score: 6.0 Exploit Price Range: $0-$5k CTI Interest Score: 1.91 Summary A vulnerability was found in WeKan up to 8.20. The function in the file of the Attachment Storage Handler is affected. The vulnerability leads to access control issues and can be exploited remotely. No known exploit exists. Details The vulnerability is an access control issue caused by incorrect or missing restrictions in the function. This leads to a scenario where an unauthorized actor can access resources, impacting confidentiality, integrity, and availability. The issue is classified as CWE-284. Additional Notes GitHub Advisory: Link CVE Identification: CVE-2026-1895 Exploitation Difficulty: Easy Attack Technique: T1068 (MITRE ATT&CK)