Unauthorized Resource Access in Frappe Framework
CVE-2026-50026
6.9MEDIUM
What is CVE-2026-50026?
Frappe Framework, utilized for developing enterprise applications, was found to have a security flaw that allowed unauthorized users to access sensitive resources due to insufficient permission checks in certain endpoints. This vulnerability has since been addressed in the more recent versions 15.107.0 and 16.17.0, which implement necessary checks to safeguard against unauthorized access.
Affected Version(s)
frappe < 15.107.0 < 15.107.0
frappe < 16.17.0 < 16.17.0
