A vulnerability categorized as problematic has been discovered in opf openproject up to 17.3.x . This vulnerability affects unknown code of the file /api/v3/relations . Executing a manipulation can lead to information disclosure. This vulnerability is registered as CVE-2026-44736 . It is possible to launch the attack remotely. No exploit is available. It is advisable to upgrade the affected component.