Opf Latest Vulnerabilities

Arbitrary File Write Vulnerability in OpenProject by OPF

CVE-2026-25763

OpfOpenproject9.4CRITICAL

HTML Injection Vulnerability in OpenProject by OpenProject Foundation

CVE-2026-25764

OpfOpenproject3.5LOW

Insufficient Validation in OpenProject Allows Unauthorized Agenda Modification

CVE-2026-24776

OpfOpenproject4.3MEDIUM

Cross-Site Request Forgery in OpenProject Web-Based Project Management Software

CVE-2026-24775

OpfOpenproject6.3MEDIUM

OpenProject Web-Based Project Management Software Vulnerability

CVE-2026-24772

OpfOpenproject8.9HIGH

Arbitrary File Write Vulnerability in OpenProject by OpenProject Foundation

CVE-2026-24685

OpfOpenproject9.4CRITICAL

Permission Check Flaw in OpenProject Affects User Group Visibility

CVE-2026-23721

OpfOpenproject4.3MEDIUM

Session Management Flaw in OpenProject by OpenProject Foundation

CVE-2026-23646

OpfOpenproject6.5MEDIUM

Stored Cross-Site Scripting Vulnerability in OpenProject Project Management Software

CVE-2026-23625

OpfOpenproject8.7HIGH

Access Control Issue in OpenProject Affects User Meeting Permissions

CVE-2026-22605

OpfOpenproject4.3MEDIUM

User Enumeration Flaw in OpenProject by OPF

CVE-2026-22604

OpfOpenproject6.9MEDIUM

Unauthenticated Password Change Vulnerability in OpenProject by OPF

CVE-2026-22603

OpfOpenproject6.9MEDIUM

User Information Exposure in OpenProject by Opf

CVE-2026-22602

OpfOpenproject3.5LOW

Command Execution Vulnerability in OpenProject by OpenProject Community

CVE-2026-22601

OpfOpenproject8.6HIGH

Local File Read Vulnerability in OpenProject by OpenProject

CVE-2026-22600

OpfOpenproject9.1CRITICAL

Improper Input Sanitization in OpenProject Web-Based Project Management Software

CVE-2025-24892

OpfOpenproject3.5LOW

OpenProject addresses phishing vulnerability in default packaged installations

CVE-2024-41801

OpfOpenproject6.1MEDIUM

Stored XSS in Cost Report feature via {icon} substitution

CVE-2024-35224

OpfOpenproject7.6HIGH

OpenProject vulnerable to project identifier information leakage through robots.txt

CVE-2023-33960

opfopenprojectEPSS 23%7.5HIGH

OpenProject user sessions not terminated after activation of 2FA

CVE-2023-31140

OpfOpenproject4.8MEDIUM

SQL injection in OpenProject

CVE-2021-43830

OpfOpenproject7.4HIGH

Regular Expression Denial of Service in OpenProject forum messages

CVE-2021-32763

OpfOpenproject4.3MEDIUM

opf Latest Vulnerabilities

Vulnerability Published:

Sort By:

6 February 2026

Arbitrary File Write Vulnerability in OpenProject by OPF

HTML Injection Vulnerability in OpenProject by OpenProject Foundation

Insufficient Validation in OpenProject Allows Unauthorized Agenda Modification

28 January 2026

Cross-Site Request Forgery in OpenProject Web-Based Project Management Software

OpenProject Web-Based Project Management Software Vulnerability

Arbitrary File Write Vulnerability in OpenProject by OpenProject Foundation

19 January 2026

Permission Check Flaw in OpenProject Affects User Group Visibility

Session Management Flaw in OpenProject by OpenProject Foundation

Stored Cross-Site Scripting Vulnerability in OpenProject Project Management Software

10 January 2026

Access Control Issue in OpenProject Affects User Meeting Permissions

User Enumeration Flaw in OpenProject by OPF

Unauthenticated Password Change Vulnerability in OpenProject by OPF

User Information Exposure in OpenProject by Opf

Command Execution Vulnerability in OpenProject by OpenProject Community

Local File Read Vulnerability in OpenProject by OpenProject

10 February 2025

Improper Input Sanitization in OpenProject Web-Based Project Management Software

25 July 2024

OpenProject addresses phishing vulnerability in default packaged installations

23 May 2024

Stored XSS in Cost Report feature via {icon} substitution

1 June 2023

OpenProject vulnerable to project identifier information leakage through robots.txt

8 May 2023

OpenProject user sessions not terminated after activation of 2FA

14 December 2021

SQL injection in OpenProject

20 July 2021

Regular Expression Denial of Service in OpenProject forum messages