CVE-2026-55652 | Wekan up to 9.45 Header-Login headerLoginAuth.js getRequestIp HEADER_LOGIN_ID improper authentication

SecurityVulns

A vulnerability has been found in Wekan up to 9.45 and classified as critical. Affected by this vulnerability is the function getRequestIp of the file server/lib/headerLoginAuth.js of the component Header-Login. The manipulation of the argument HEADER_LOGIN_ID leads to improper authentication.

This vulnerability is referenced as CVE-2026-55652. Remote exploitation of the attack is possible. No exploit is available.VulDB Recent EntriesRead More