Opf Latest Vulnerabilities

Business Logic Error in OpenProject Web-Based Project Management Software

CVE-2026-44733

OpfOpenproject5.9MEDIUM

User Enumeration Vulnerability in OpenProject by OpenProject Management

CVE-2026-44731

OpfOpenproject4.3MEDIUM

Unauthorized Document Manipulation in OpenProject by OpenProject

CVE-2026-44732

OpfOpenproject4.3MEDIUM

Missing Authorization Vulnerability in OpenProject Project Management Software

CVE-2026-44734

OpfOpenproject6.5MEDIUM

Authorization Flaw in OpenProject Project Management Software

CVE-2026-44735

OpfOpenproject6.5MEDIUM

CSS Injection Vulnerability in OpenProject Project Management Software

CVE-2026-44696

OpfOpenproject5.7MEDIUM

Data Exposure Vulnerability in OpenProject by OpenProject Community

CVE-2026-49355

OpfOpenproject4.3MEDIUM

Information Disclosure in OpenProject Software by OpenProject Foundation

CVE-2026-44736

OpfOpenproject6.5MEDIUM

Web-based project management software vulnerability in OpenProject by OPF

CVE-2026-46386

OpfOpenproject9.9CRITICAL

Remote Code Execution Vulnerability in OpenProject by OpenProject Foundation

CVE-2026-52780

OpfOpenproject9.6CRITICAL

Authorization Confusion in OpenProject Calendar and Team Planner

CVE-2026-52779

OpfOpenproject5.4MEDIUM

Disclosure of Historical Field Values in OpenProject by OPF

CVE-2026-47193

OpfOpenproject7.5HIGH

HTML Sanitization Flaw in OpenProject Affects Web-Based Project Management Software

CVE-2026-52781

OpfOpenproject6.4MEDIUM

Improper Access Control in OpenProject Affects Project Management Systems

CVE-2026-52782

OpfOpenproject9.9CRITICAL

OpenProject Vulnerability Exposing OAuth Access Tokens in Plaintext

CVE-2026-52783

OpfOpenproject8.2HIGH

CSRF Vulnerability in OpenProject Software from OpenProject Foundation

CVE-2026-52784

OpfOpenproject8.8HIGH

SQL Injection Vulnerability in OpenProject Web-Based Project Management Software

CVE-2026-52785

OpfOpenproject9.9CRITICAL

Privilege Escalation Vulnerability in OpenProject Web-Based Project Management Software

CVE-2026-40896

OpfOpenproject6.5MEDIUM

2FA Bypass Vulnerability in OpenProject by OpenProject Foundation

CVE-2026-33667

OpfOpenproject7.4HIGH

SQL Injection Vulnerability in OpenProject by OpenProject Foundation

CVE-2026-34717

OpfOpenproject9.9CRITICAL

Cross-Site Scripting Vulnerability in OpenProject Project Management Software

CVE-2026-32703

OpfOpenproject9.1CRITICAL

SQL Injection Vulnerability in OpenProject by OpenProject

CVE-2026-32698

OpfOpenproject9.1CRITICAL

OpenProject Vulnerability in SMTP Test Endpoint Allows Internal Network Mapping

CVE-2026-31974

OpfOpenproject3LOW

Deletion Permits Unauthorized Budget Migration in OpenProject

CVE-2026-30239

OpfOpenproject6.5MEDIUM

OpenProject Vulnerability in User Membership Validation

CVE-2026-30236

OpfOpenproject4.3MEDIUM

opf Latest Vulnerabilities

Vulnerability Published:

Sort By:

26 June 2026

Business Logic Error in OpenProject Web-Based Project Management Software

User Enumeration Vulnerability in OpenProject by OpenProject Management

Unauthorized Document Manipulation in OpenProject by OpenProject

Missing Authorization Vulnerability in OpenProject Project Management Software

Authorization Flaw in OpenProject Project Management Software

CSS Injection Vulnerability in OpenProject Project Management Software

Data Exposure Vulnerability in OpenProject by OpenProject Community

Information Disclosure in OpenProject Software by OpenProject Foundation

Web-based project management software vulnerability in OpenProject by OPF

Remote Code Execution Vulnerability in OpenProject by OpenProject Foundation

Authorization Confusion in OpenProject Calendar and Team Planner

Disclosure of Historical Field Values in OpenProject by OPF

HTML Sanitization Flaw in OpenProject Affects Web-Based Project Management Software

Improper Access Control in OpenProject Affects Project Management Systems

OpenProject Vulnerability Exposing OAuth Access Tokens in Plaintext

CSRF Vulnerability in OpenProject Software from OpenProject Foundation

SQL Injection Vulnerability in OpenProject Web-Based Project Management Software

20 April 2026

Privilege Escalation Vulnerability in OpenProject Web-Based Project Management Software

15 April 2026

2FA Bypass Vulnerability in OpenProject by OpenProject Foundation

2 April 2026

SQL Injection Vulnerability in OpenProject by OpenProject Foundation

18 March 2026

Cross-Site Scripting Vulnerability in OpenProject Project Management Software

SQL Injection Vulnerability in OpenProject by OpenProject

11 March 2026

OpenProject Vulnerability in SMTP Test Endpoint Allows Internal Network Mapping

Deletion Permits Unauthorized Budget Migration in OpenProject

OpenProject Vulnerability in User Membership Validation