5 matches found
EUVD-2026-36490
Frappe is a full-stack web application framework. Prior to versions 15.107.2 and 16.17.4, DB Schema Enumeration is possible through exploiting an endpoint. This issue has been patched in versions 15.107.2 and 16.17.4...
CVE-2026-44206
Frappe (full-stack web application framework) contains CVE-2026-44206, where DB Schema Enumeration is possible via a vulnerable endpoint prior to versions 15.107.2 and 16.17.4. The issue has been patched in those versions. The CVSS 4.0 base score is 6.9 (MEDIUM) with network attack vector, low co...
CVE-2026-44206 Frappe: DB Schema Enumeration via Frappe-Authorization-Source
Frappe is a full-stack web application framework. Prior to versions 15.107.2 and 16.17.4, DB Schema Enumeration is possible through exploiting an endpoint. This issue has been patched in versions 15.107.2 and 16.17.4...
CVE-2026-44206 Frappe: DB Schema Enumeration via Frappe-Authorization-Source
Frappe is a full-stack web application framework. Prior to versions 15.107.2 and 16.17.4, DB Schema Enumeration is possible through exploiting an endpoint. This issue has been patched in versions 15.107.2 and 16.17.4...
PT-2026-48889
Frappe is a full-stack web application framework. Prior to versions 15.107.2 and 16.17.4, DB Schema Enumeration is possible through exploiting an endpoint. This issue has been patched in versions 15.107.2 and 16.17.4...