A vulnerability has been found in opf openproject up to 17.3.1 and classified as problematic . This impacts an unknown function of the file /api/v3/users/me of the component Password Validation Handler . The manipulation leads to unverified password change. This vulnerability is referenced as CVE-2026-44733 . Remote exploitation of the attack is possible. No exploit is available. The affected component should be upgraded.