Frappe Latest High Vulnerabilities

Remote Code Execution Vulnerability in Frappe Framework

CVE-2025-68929

FrappeFrappe9.1CRITICAL

Arbitrary File Upload Risk in Frappe Framework Attachments Module

CVE-2025-67289

FrappeFrappe Framework9.6CRITICAL

Server-Side Template Injection in Frappe ERPNext Application

CVE-2025-66434

FrappeERPNext8.8HIGH

Server-Side Template Injection Vulnerability in Frappe ERPNext

CVE-2025-66437

FrappeERPNext8.8HIGH

Server-Side Template Injection in Frappe ERPNext Product

CVE-2025-66438

FrappeERPNext9.8CRITICAL

SQL Injection Vulnerability in Frappe ERPNext Accounting Module

CVE-2025-66439

FrappeERPNext9.8CRITICAL

SQL Injection Vulnerability in Frappe ERPNext by Frappe

CVE-2025-66440

FrappeERPNext9.8CRITICAL

SQL Injection Vulnerability in Frappe HelpDesk by Frappe

CVE-2025-10655

FrappeFrappe Helpdesk8.6HIGH

Stored XSS Vulnerability in ERPNext and Frappe Framework

CVE-2025-65267

FrappeERPNext9CRITICAL

Error-Based SQL Injection Vulnerability in Frappe Framework

CVE-2025-66205

FrappeFrappe7.1HIGH

SQL Injection Vulnerability in Frappe CRM by Frappe

CVE-2025-11461

FrappeFrappe Crm7.1HIGH

SQL Injection Vulnerability in Frappe ERPNext by Frappe

CVE-2025-52039

FrappeERPNext8.2HIGH

SQL Injection Vulnerability in Frappe ERPNext Software

CVE-2025-52040

FrappeERPNext8.2HIGH

SQL Injection Vulnerability in Frappe ERPNext by Frappe

CVE-2025-52041

FrappeERPNext8.2HIGH

SQL Injection Vulnerability in Frappe ERPNext by Frappe Technologies

CVE-2025-52042

Frappe TechnologiesERPNext8.2HIGH

SQL Injection Vulnerability in Frappe ERPNext by Frappe Technologies

CVE-2025-52044

Frappe TechnologiesFrappe ERPNext7.5HIGH

Error-Based SQL Injection Vulnerability in Frappe ERP Tool

CVE-2025-58439

FrappeErpnext8.1HIGH

SQL Injection Vulnerability in Frappe Framework Affects Sensitive Data Access

CVE-2025-55732

FrappeFrappe8.7HIGH

Access Vulnerability in Frappe Framework Affects User Password Security

CVE-2025-52898

FrappeFrappe8.7HIGH

Cross-Site Scripting Vulnerability in Frappe Framework

CVE-2025-52896

FrappeFrappe8.6HIGH

SQL Injection Vulnerability in Frappe Web Application Framework

CVE-2025-52895

FrappeFrappe8.7HIGH

CSRF Vulnerability in ERPNEXT Product by Frappe

CVE-2025-28062

FrappeERPNEXT8.1HIGH

Information Disclosure Vulnerability in Frappe Framework by Frappe Technologies

CVE-2025-30214

FrappeFrappe8HIGH

SQL Injection Vulnerability Affects Frappe Users

CVE-2024-24813

FrappeFrappe7.5HIGH

Two-Factor Authentication Vulnerability in Frappe Framework

CVE-2020-27508

FrappeFrappe7.5HIGH

Vulnerability Published:

Sort By:

29 December 2025

Remote Code Execution Vulnerability in Frappe Framework

22 December 2025

Arbitrary File Upload Risk in Frappe Framework Attachments Module

15 December 2025

Server-Side Template Injection in Frappe ERPNext Application

Server-Side Template Injection Vulnerability in Frappe ERPNext

Server-Side Template Injection in Frappe ERPNext Product

SQL Injection Vulnerability in Frappe ERPNext Accounting Module

SQL Injection Vulnerability in Frappe ERPNext by Frappe

9 December 2025

SQL Injection Vulnerability in Frappe HelpDesk by Frappe

3 December 2025

Stored XSS Vulnerability in ERPNext and Frappe Framework

1 December 2025

Error-Based SQL Injection Vulnerability in Frappe Framework

26 November 2025

SQL Injection Vulnerability in Frappe CRM by Frappe

1 October 2025

SQL Injection Vulnerability in Frappe ERPNext by Frappe

SQL Injection Vulnerability in Frappe ERPNext Software

SQL Injection Vulnerability in Frappe ERPNext by Frappe

SQL Injection Vulnerability in Frappe ERPNext by Frappe Technologies

16 September 2025

SQL Injection Vulnerability in Frappe ERPNext by Frappe Technologies

6 September 2025

Error-Based SQL Injection Vulnerability in Frappe ERP Tool

20 August 2025

SQL Injection Vulnerability in Frappe Framework Affects Sensitive Data Access

30 June 2025

Access Vulnerability in Frappe Framework Affects User Password Security

Cross-Site Scripting Vulnerability in Frappe Framework

SQL Injection Vulnerability in Frappe Web Application Framework

5 May 2025

CSRF Vulnerability in ERPNEXT Product by Frappe

25 March 2025

Information Disclosure Vulnerability in Frappe Framework by Frappe Technologies

21 March 2024

SQL Injection Vulnerability Affects Frappe Users

11 December 2020

Two-Factor Authentication Vulnerability in Frappe Framework