Lucene search
K

26 matches found

Positive Technologies
Positive Technologies
added 2026/01/28 12:0 a.m.13 views

PT-2026-5180

Name of the Vulnerable Software and Affected Versions OpenProject versions 17.0.0 through 17.0.1 Description OpenProject is a web-based project management software. A flaw exists in the BlockNote editor extension introduced in version 17.0.0, which allows mentioning OpenProject work packages with...

7.3CVSS5.6AI score0.00105EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/01/13 10:52 p.m.5 views

CVE-2026-22600

OpenProject is an open-source, web-based project management software. A Local File Read LFR vulnerability exists in the work package PDF export functionality of OpenProject prior to version 16.6.4. By uploading a specially crafted SVG file disguised as a PNG as a work package attachment, an...

9.1CVSS6.4AI score0.0028EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/10 1:6 a.m.6 views

EUVD-2026-1887

OpenProject is an open-source, web-based project management software. A Local File Read LFR vulnerability exists in the work package PDF export functionality of OpenProject prior to version 16.6.4. By uploading a specially crafted SVG file disguised as a PNG as a work package attachment, an...

9.1CVSS6AI score0.0028EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/10 1:6 a.m.3 views

CVE-2026-22600 OpenProject is Vulnerable to Arbitrary File Read via ImageMagick SVG Coder

OpenProject is an open-source, web-based project management software. A Local File Read LFR vulnerability exists in the work package PDF export functionality of OpenProject prior to version 16.6.4. By uploading a specially crafted SVG file disguised as a PNG as a work package attachment, an...

9.1CVSS6.2AI score0.0028EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/10 1:6 a.m.28 views

CVE-2026-22600 OpenProject is Vulnerable to Arbitrary File Read via ImageMagick SVG Coder

OpenProject is an open-source, web-based project management software. A Local File Read LFR vulnerability exists in the work package PDF export functionality of OpenProject prior to version 16.6.4. By uploading a specially crafted SVG file disguised as a PNG as a work package attachment, an...

9.1CVSS0.0028EPSS
Exploits0References2
OSV
OSV
added 2026/01/08 1:1 a.m.7 views

MAL-2026-149 Malicious code in bnia-work (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f78b12fa102dbd32d8d3a27c016f7b790124a3a73bdf1970768799e120183c30 The package bnia-work was found to contain malicious code. Source: ghsa-malware 2583fa3177342feb8975727c7ad5873d1a1e7bea2ce3ce445343aaa9a0b3459b Any...

6.8AI score
Exploits0References1
Rows per page
Query Builder