Known Vulnerabilities for Openproject by Opf
Listed below are 10 of the newest known vulnerabilities associated with "Openproject" by "Opf".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-52785 json | OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, there is a SQL injection in ti... | Not Provided | 2026-06-26 | 2026-06-29 |
| CVE-2026-52784 json | OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, there is a CSRF on TARGET thro... | Not Provided | 2026-06-26 | 2026-06-26 |
| CVE-2026-52783 json | OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, OpenProject's Storages module ... | Not Provided | 2026-06-26 | 2026-06-29 |
| CVE-2026-52782 json | OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, there is an IDOR through /proj... | Not Provided | 2026-06-26 | 2026-06-29 |
| CVE-2026-52781 json | OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, the HTML sanitizer grants | Not Provided
|
2026-06-26
|
2026-06-29
|
|
| CVE-2026-52780 json | OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, cache store poisoning leads to... | Not Provided | 2026-06-26 | 2026-06-27 |
| CVE-2026-52779 json | OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, a cross-project IDOR / authori... | Not Provided | 2026-06-26 | 2026-06-29 |
| CVE-2026-49355 json | OpenProject is open-source, web-based project management software. Prior to 17.4.0, `GET /api/v3/meetings/:meeting_id/agenda_... | Not Provided | 2026-06-26 | 2026-06-29 |
| CVE-2026-47193 json | OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, the journal diff endpoint disc... | Not Provided | 2026-06-26 | 2026-06-26 |
| CVE-2026-46386 json | OpenProject is open-source, web-based project management software. Prior to , the official openproject/openproject Docker ima... | Not Provided | 2026-06-26 | 2026-06-29 |