CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/05/20 8:16 p.m.•7 views

CVE-2026-39405

9.4CVSS0.00052EPSS

Exploits0References2

EUVD•added 2026/05/20 7:34 p.m.•5 views

EUVD-2026-31177

9.4CVSS5.7AI score0.00052EPSS

Exploits0References2

ATTACKERKB•added 2026/05/20 7:34 p.m.•3 views

CVE-2026-39405

9.4CVSS5.7AI score0.00052EPSS

Exploits0References3Affected Software1

NVD•added 2026/04/08 9:16 p.m.•0 views

CVE-2026-39415

Frappe Learning Management System LMS is a learning system that helps users structure their content. Prior to 2.46.0, a vulnerability has been identified in Frappe Learning where quiz scores can be modified by students before submission. The application currently relies on client-side calculated...

5.3CVSS0.00037EPSS

EUVD•added 2026/04/08 8:7 p.m.•0 views

EUVD-2026-20603

CVE•added 2026/04/08 8:7 p.m.•3 views

CVE-2026-39415

CVE-2026-39415 affects Frappe LMS prior to 2.46.0, where quiz scores could be altered client-side before submission due to reliance on client-side calculated scores. Impact: data integrity of quiz results is compromised; no confidentiality breach or privilege escalation reported. Remediation: upg...

Exploits0References1Affected Software1

Cvelist•added 2026/04/08 8:7 p.m.•14 views

CVE-2026-39415 Frappe Learning Management System has Client-Side Manipulation of Quiz Scores

5.3CVSS0.00037EPSS

Positive Technologies•added 2026/04/08 12:0 a.m.•0 views

PT-2026-31439

CNNVD•added 2026/04/08 12:0 a.m.•2 views

Exploits0References2

Frappe Learning Management System 安全漏洞

Frappe Learning Management System is an easy-to-use open-source learning management system developed by Frappe. Versions of the Frappe Learning Management System prior to 2.46.0 contained security vulnerabilities. These vulnerabilities stemmed from reliance on client-side calculations for quiz...

NVD•added 2026/04/02 6:16 p.m.•2 views

CVE-2026-34606

Frappe Learning Management System LMS is a learning system that helps users structure their content. From version 2.27.0 to before version 2.48.0, Frappe LMS was vulnerable to stored XSS. This issue has been patched in version 2.48.0...

6.9CVSS0.00035EPSS

Exploits0References4

Cvelist•added 2026/04/02 5:50 p.m.•13 views

CVE-2026-34606 Stored XSS in Frappe LMS

6.9CVSS0.00035EPSS

Exploits0References4

ATTACKERKB•added 2026/04/02 5:50 p.m.•1 views

CVE-2026-34606

Exploits0References5Affected Software1

EUVD•added 2026/04/02 5:50 p.m.•1 views

EUVD-2026-18462

CVE•added 2026/04/02 5:50 p.m.•2 views

Exploits0References4

CVE-2026-34606

CVE-2026-34606 concerns Frappe LMS. The vulnerability is a stored XSS affecting Frappe LMS releases from version 2.27.0 up to 2.47.x (i.e., before 2.48.0). The issue has been patched in 2.48.0 . The provided sources do not supply exploit details, affected modules, or specific attack vectors beyon...

Exploits0References4Affected Software1

Positive Technologies•added 2026/04/02 12:0 a.m.•1 views

PT-2026-29861

RedhatCVE•added 2026/02/21 1:30 a.m.•1 views

Exploits0References5

CVE-2026-26977

Frappe Learning Management System LMS is a learning system that helps users structure their content. In versions 2.44.0 and below, unauthorized users are able to access the details of unpublished courses via API endpoints. A fix for this issue is planned for the 2.45.0 release...

6.9CVSS5.5AI score0.00014EPSS