Vulnerability Description
Kanboard is project management software focused on the Kanban methodology. Prior to 1.2.50, a security control bypass in Kanboard allows an authenticated administrator to achieve Remote Code Execution (RCE) on the server. The PLUGIN_INSTALLER configuration option exists so that an operator can forbid installing plugins from the web interface; when it is set to false the application correctly hides the plugin installation interface, but the backend endpoint that performs the installation does not check the setting. An administrator who calls that endpoint directly can therefore make the server download and install an attacker-controlled plugin, whose PHP code then runs with the privileges of the web application. Because the check is missing on the server side, setting PLUGIN_INSTALLER to false is not a mitigation on affected versions; the vulnerability is fixed in 1.2.50, which enforces the setting in the backend.
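The flaw class above, hiding a control in the template while the action that does the dangerous work trusts that the control was hidden, can be shown in a few lines of PHP. The following is an added example written for this page and is not Kanboard's code: the PLUGIN_INSTALLER constant is the real setting name from the advisory and Kanboard does define it as a PHP constant in config.php, but the controller URL, the function names, the installer stand-in and the attacker URL are all hypothetical. It shows the pre-1.2.50 pattern (admin check only) beside the hardened pattern (admin check plus the configuration check at the point of installation).

```php
<?php
// Added example, not Kanboard's code. Models the bug class described above:
// the UI hides the installer when PLUGIN_INSTALLER is false, but the install
// action must enforce the flag itself, because the action can be called
// directly (curl, browser devtools) regardless of what the template rendered.

declare(strict_types=1);

// Stand-in for config.php. Kanboard's own config defines this constant;
// everything below it in this file is hypothetical.
if (!defined('PLUGIN_INSTALLER')) {
    define('PLUGIN_INSTALLER', false);
}

final class ForbiddenException extends RuntimeException {}

// Template layer: correctly hides the "Install plugin" form when disabled.
// This is a usability affordance, not a security control.
function renderPluginPage(bool $isAdmin): string
{
    if (!$isAdmin) {
        return '<p>Admins only.</p>';
    }
    $form = PLUGIN_INSTALLER
        ? '<form method="post" action="?controller=PluginController&action=install">'
          . '<input name="archive_url"><button>Install</button></form>'
        : '<p>Plugin installation is disabled by the administrator.</p>';
    return "<h1>Plugins</h1>$form";
}

// Vulnerable handler (the pre-1.2.50 pattern): only checks the role and
// assumes the form was hidden, so a direct POST still downloads and installs.
function installPluginVulnerable(bool $isAdmin, string $archiveUrl, callable $installer): string
{
    if (!$isAdmin) {
        throw new ForbiddenException('admin only');
    }
    return $installer($archiveUrl);   // no PLUGIN_INSTALLER check
}

// Hardened handler: the same condition the template evaluates, enforced where
// the dangerous operation actually happens.
function installPluginHardened(bool $isAdmin, string $archiveUrl, callable $installer): string
{
    if (!$isAdmin) {
        throw new ForbiddenException('admin only');
    }
    if (!PLUGIN_INSTALLER) {
        throw new ForbiddenException('plugin installer disabled in config');
    }
    return $installer($archiveUrl);
}

// Constructed stand-in for the real downloader/installer: reports what it
// would have fetched instead of touching the network or the plugins dir.
$installer   = static fn (string $url): string => "would download and extract $url";
$attackerUrl = 'http://attacker.example/evil-plugin.zip';   // constructed

// With PLUGIN_INSTALLER=false the page renders no install form ...
$page = renderPluginPage(true);
echo 'form rendered: ', str_contains($page, '<form') ? 'yes' : 'no', PHP_EOL;

// ... yet the vulnerable action still installs whatever URL is posted.
echo 'vulnerable: ', installPluginVulnerable(true, $attackerUrl, $installer), PHP_EOL;

// The hardened action refuses regardless of what the UI showed.
try {
    installPluginHardened(true, $attackerUrl, $installer);
    echo 'BUG: install went through', PHP_EOL;
} catch (ForbiddenException $e) {
    echo 'hardened: blocked (', $e->getMessage(), ')', PHP_EOL;
}
```

The practical takeaway for operators is the one the description implies: on versions before 1.2.50, PLUGIN_INSTALLER=false only removes the form, so the only effective fix is upgrading. Application developers reviewing similar "disable feature X" switches should grep for every handler that performs the action, not just the templates that expose it.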
CVSS Score
HIGH (base score 8.4)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Kanboard | Kanboard | < 1.2.50 |
Related Weaknesses (CWE)
None listed on this page.
References
- https://github.com/kanboard/kanboard/commit/b9ada89b1a64034612fc4262b88c42458c0d (Patch)
- https://github.com/kanboard/kanboard/releases/tag/v1.2.50 (Product, Release Notes)
- https://github.com/kanboard/kanboard/security/advisories/GHSA-grch-p7vf-vc4f (Exploit, Mitigation, Vendor Advisory)
FAQ
What is CVE-2026-25924?
CVE-2026-25924 is a security control bypass in Kanboard, project management software focused on the Kanban methodology, with a CVSS base score of 8.4 (HIGH). In versions prior to 1.2.50, the backend plugin installation endpoint does not honour the PLUGIN_INSTALLER configuration setting even though the user interface hides the installer when it is false, so an authenticated administrator can have the server download and install a malicious plugin and achieve Remote Code Execution.
How severe is CVE-2026-25924?
CVE-2026-25924 has been rated HIGH with a CVSS base score of 8.4/10. The CVSS vector string is not reproduced on this page; consult the vendor advisory in the references for the full metric breakdown. Exploitation requires an authenticated administrator account, but the outcome is code execution on the server.
Is there a patch for CVE-2026-25924?
Yes. Kanboard 1.2.50 fixes the issue by enforcing the PLUGIN_INSTALLER setting in the backend; the fixing commit, the release notes and the vendor advisory are linked in the references above. Setting PLUGIN_INSTALLER to false on an earlier version does not mitigate the vulnerability, so affected deployments should upgrade. Affected product: Kanboard (Kanboard), versions before 1.2.50.