Skip to main content

Ubuntu CVE-2026-29056

| EUVD-2026-12740 HIGH
Improperly Controlled Modification of Dynamically-Determined Object Attributes (CWE-915)
2026-03-18 GitHub_M
Code Injection Debian Ubuntu Kanboard
8.8
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
EUVD ID Assigned
Mar 18, 2026 - 02:30 euvd
EUVD-2026-12740
Analysis Generated
Mar 18, 2026 - 02:30 vuln.today
CVE Published
Mar 18, 2026 - 01:56 nvd
HIGH 8.8

DescriptionNVD

Kanboard is project management software focused on Kanban methodology. Prior to 1.2.51, Kanboard's user invite registration endpoint (UserInviteController::register()) accepts all POST parameters and passes them to UserModel::create() without filtering out the role field. An attacker who receives an invite link can inject role=app-admin in the registration form to create an administrator account. Version 1.2.51 fixes the issue.

AnalysisAI

Kanboard project management software contains a privilege escalation vulnerability in its user invite registration endpoint that allows invited users to inject the 'role=app-admin' parameter during account creation, granting themselves administrator privileges. This affects all Kanboard versions prior to 1.2.51. …

Sign in for full analysis, threat intelligence, and remediation guidance.

RemediationAI

Within 24 hours: Identify all Kanboard instances and confirm current versions; disable user invite functionality if possible or restrict invite distribution to trusted channels only. Within 7 days: Contact Kanboard support and evaluate upgrade timeline to version 1.2.51; implement network segmentation to limit Kanboard access to internal networks only. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

More from same product – last 7 days

CVE-2026-47269 HIGH
7.4 May 27

Authentication-context bypass in pam_usb before 0.9.0 lets a person holding an enrolled USB device authenticate over SSH
CVE-2026-47271 MEDIUM
5.1 May 27

pam_usb prior to 0.9.0 crashes under memory pressure due to assert()-based OOM guards in src/mem.c that are silently str
CVE-2026-45898
May 27

In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix workqueue list corruption by removin
CVE-2026-45924
May 27

In the Linux kernel, the following vulnerability has been resolved: ksmbd: call ksmbd_vfs_kern_path_end_removing() on s
CVE-2026-45965
May 27

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix invalid deref of rawdata when export_

Vendor StatusVendor

Ubuntu

Priority: Medium

Debian

Bug #1131198
kanboard
Release Status Fixed Version Urgency
forky, sid fixed 1.2.51+ds-1 -
(unstable) fixed 1.2.51+ds-1 -

Share

CVE-2026-29056 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy