Back to CVE List

CVE-2026-52780

CRITICAL SEVERITY

CVSS Score & Metrics

Base Score
9.6 / 10
Vector String
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Vulnerability Description

OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, cache store poisoning leads to Remote Code Execution (RCE). This vulnerability is fixed in 17.3.3 and 17.4.1.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-20
Source
NVD
Vendor
opf
Product
openproject

External References

Discussion (0)

Add Comment

No comments yet. Be the first!