CVE-2026-26031
The CVE describes a privacy flaw in Frappe Learning Management System (LMS) prior to version 2.44.0, where unauthorised users could retrieve the full list of enrolled students (by email) in batches. Affected software is the Frappe LMS prior to 2.44.0; the root cause is not explicitly detailed in ...