CVE-2026-22601
OpenProject is an open-source, web-based project management software. For OpenProject version 16.6.1 and below, a registered administrator can execute arbitrary command by configuring sendmail binary path and sending a test email. This issue has been patched in version 16.6.2.
Vendor
Product
CWE
Yayın Tarihi
2026-01-10 02:15:48
Güncelleme
2026-01-14 22:26:03
Source Identifier
security-advisories@github.com
KEV Date Added
-