CVE-2026-24685 — OpenProject is an open-source, web-based project management software. Versions prior to 16.6.6 and 17.0.2 have an arbitrary file write vulnerability in OpenProject’s repository diff download endpoint — CVE Database · The Intelligence Room