frappe Latest Vulnerabilities
Latest vulnerabilities published by frappe
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Frappe: Stored XSS in Frappe Report/List View via 'set_link_title_field_value'
CVE-2026-53568FrappeFrappe6.9MEDIUMFrappe: Lack of permissions checks in 'relink' and 'set_email_password' endpoints
CVE-2026-50026FrappeFrappe6.9MEDIUMFrappe: Broken Access Control on Private Files
CVE-2026-47182FrappeFrappe5.3MEDIUMFrappe: IDOR in update_onboarding_step
CVE-2026-44976FrappeFrappe5.3MEDIUMFrappe: Missing authorization on reset form tours
CVE-2026-44975FrappeFrappe5.3MEDIUMFrappe: DB Schema Enumeration via Frappe-Authorization-Source
CVE-2026-44206FrappeFrappe6.9MEDIUMFrappe: Insecure Direct Object Reference for email accounts
CVE-2026-44207FrappeFrappe6.9MEDIUMFrappe: IDOR in `submit_discussion()`
CVE-2026-44208FrappeFrappe6.9MEDIUMFrappe: Stored Cross-Site Scripting (XSS) in User Profile through Image Upload
CVE-2026-44205FrappeFrappe6.9MEDIUMFrappe Vulnerable to Possible SQL Injection via get_blog_list
CVE-2026-41581FrappeFrappe6.9MEDIUMFrappe: Stored XSS in Note
CVE-2026-47739FrappeFrappe6.9MEDIUMFrappe LMS: HTML injection in user-controlled metadata
CVE-2026-46546FrappeLms2.1LOWERPNext 16.16.0 - Stored XSS in POS cart item rendering
CVE-2026-42839FrappeErpnext4.8MEDIUMERPNext 16.16.0 - Stored XSS in POS customer section via unescaped template literals
CVE-2026-42840FrappeErpnext5.1MEDIUMImproper Authorization in Frappe HR's Human Resources Management Solution
CVE-2026-45081FrappeHrms6.5MEDIUMFile Write Vulnerability in Frappe Learning Management System
CVE-2026-39405FrappeLms9.4CRITICALArbitrary File Read Vulnerability in Frappe Web Application Framework
CVE-2026-39352FrappeFrappe8.7HIGHAuthorization Bypass in ERPNext by Frappe
CVE-2026-44448FrappeErpnext5.9MEDIUMSQL Injection Vulnerability in ERPNext by Frappe
CVE-2026-44447FrappeErpnext8.8HIGHSQL Injection Vulnerability in ERPNext by Frappe
CVE-2026-44446FrappeErpnext8.8HIGHXML External Entity Vulnerability in ERPNext by Frappe
CVE-2026-44445FrappeErpnext5.3MEDIUMRemote Code Execution Risk in ERPNext by Frappe
CVE-2026-44441FrappeErpnext5MEDIUMPath Traversal Vulnerability in ERPNext by Frappe
CVE-2026-44440FrappeErpnext6.5MEDIUMAuthorization Bypass in ERPNext by Frappe
CVE-2026-44442FrappeErpnext9.9CRITICALSandbox Escape in Frappe Framework ERPNext by Frappe
CVE-2023-54345Frappe TechnologiesFrappe Framework (erpn...πΎπ‘8.7HIGH