CVE ID :CVE-2026-46386 Published : June 26, 2026, 7:26 p.m. | 5 hours, 45 minutes ago Description :OpenProject is open-source, web-based project management software. Prior to , the official openproject/openproject Docker image ships ENV SECRET_KEY_BASE=OVERWRITE_ME as the default Rails master...

#Sicherheitslücke #Cloud

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-46386 - OpenProject: Pre-authentication RCE in openproject/openproject Docker image via default `SECRET_KEY_BASE=OVERWRITE_ME` and `cookies_serializer = :marshal`

VERWANDTEARTIKEL

New Bucket Hijacking Attack Allows Hackers to Reroute Cloud Data Streams to External Storage

CVE-2026-56414 - H.VIEW HV-500S6 IP Camera Unrestricted Upload of File with Dangerous Type

CVE-2026-55975 - H.VIEW HV-500S6 IP Camera OS Command Injection

CVE-2026-31928 - Daktronics Controller Firmware Use of Hard-coded Credentials

CVE-2026-33560 - Daktronics Controller Firmware Unrestricted Upload of File with Dangerous Type

CVE-2026-28701 - Daktronics Controller Firmware Path Traversa