983 matches found
Frappe Framework < 16.15.0 - Arbitrary File Read via render_include Path Traversal
Frappe is a full-stack web application framework. Versions prior to 15.105.0 and 16.15.0 contain a possible Arbitrary File Read vulnerability via Path Traversal. The issue is resolved in versions 16.15.0, 15.105.0 and above. id: CVE-2026-39352 info: name: Frappe Framework 16.15.0 - Arbitrary File...
CVE-2026-58503
Frappe is a full-stack web application framework. Prior to 16.16.0 and 15.106.0, user enumeration could be performed via the resetpassword endpoint. This issue is fixed in versions 16.16.0 and 15.106.0...
CVE-2026-55852
Frappe is a full-stack web application framework. Prior to 16.23.0 and 15.112.0, TarSlip RCE was possible in Package Import because tarfile members were not sufficiently checked before extraction. This issue is fixed in versions 16.23.0 and 15.112.0...
CVE-2026-49394
Frappe is a full-stack web application framework. Prior to 16.19.0, authorization bypass was possible via the updatepage endpoint in Workspace because public workspaces did not receive the required Workspace Manager edit check. This issue is fixed in version 16.19.0...
CVE-2026-48127
Frappe is a full-stack web application framework. Prior to 16.20.0 and 15.110.0, users without write access could attach files to any doctype through file-handling API endpoints such as addattachments. This issue is fixed in versions 16.20.0 and 15.110.0...
CVE-2026-47422
Frappe is a full-stack web application framework. Prior to 15.107.5 and 16.18.2, an endpoint in reportview lacked appropriate permission checks and that has since been fixed. This vulnerability is fixed in 15.107.5 and 16.18.2...
CVE-2026-47199
Frappe is a full-stack web application framework. Prior to 16.18.3 and 15.108.0, checksafesqlquery permitted SELECT INTO OUTFILE queries, which could potentially work on self-hosted sites if database permissions are not well aligned and MySQL FILE privileges are available. This issue is fixed in...
CVE-2026-42219
Frappe is a full-stack web application framework. Prior to 16.19.0 and 15.109.0, path traversal via downloadbackups was possible due to lack of hardening. This issue is fixed in versions 16.19.0 and 15.109.0...
CVE-2026-41482
Frappe is a full-stack web application framework. Prior to 16.18.3, possible path traversal and local file inclusion were possible through secure local resource access in the Chrome PDF Generator. This issue is fixed in version 16.18.3...
CVE-2026-55852
Technical details are not publicly available in the provided documents. Monitor for updates.
CVE-2026-55852 Frappe: TarSlip RCE in Package Import
Frappe is a full-stack web application framework. Prior to 16.23.0 and 15.112.0, TarSlip RCE was possible in Package Import because tarfile members were not sufficiently checked before extraction. This issue is fixed in versions 16.23.0 and 15.112.0...
CVE-2026-55852 Frappe: TarSlip RCE in Package Import
Frappe is a full-stack web application framework. Prior to 16.23.0 and 15.112.0, TarSlip RCE was possible in Package Import because tarfile members were not sufficiently checked before extraction. This issue is fixed in versions 16.23.0 and 15.112.0...
CVE-2026-42219 Frappe: Path Traversal via /backups Route
Frappe is a full-stack web application framework. Prior to 16.19.0 and 15.109.0, path traversal via downloadbackups was possible due to lack of hardening. This issue is fixed in versions 16.19.0 and 15.109.0...
CVE-2026-42219
Frappe CVE-2026-42219 describes a path traversal vulnerability via the /backups route in the web framework. Affected versions are prior to 16.19.0 and 15.109.0, where insufficient hardening allowed path traversal during backups download. The issue is fixed in 16.19.0 and 15.109.0 releases. CVSS m...
CVE-2026-42219 Frappe: Path Traversal via /backups Route
Frappe is a full-stack web application framework. Prior to 16.19.0 and 15.109.0, path traversal via downloadbackups was possible due to lack of hardening. This issue is fixed in versions 16.19.0 and 15.109.0...
CVE-2026-49394 Frappe: Auth. bypass via update_page
Frappe is a full-stack web application framework. Prior to 16.19.0, authorization bypass was possible via the updatepage endpoint in Workspace because public workspaces did not receive the required Workspace Manager edit check. This issue is fixed in version 16.19.0...
CVE-2026-49394
Frappe CVE-2026-49394: Before version 16.19.0, authorization bypass was possible via the update_page endpoint in Workspace because the Workspace Manager edit check was not enforced for public workspaces. The issue is fixed in 16.19.0. The CVSS metrics indicate a NETWORK attack vector, LOW access ...
CVE-2026-49394 Frappe: Auth. bypass via update_page
Frappe is a full-stack web application framework. Prior to 16.19.0, authorization bypass was possible via the updatepage endpoint in Workspace because public workspaces did not receive the required Workspace Manager edit check. This issue is fixed in version 16.19.0...
CVE-2026-48127
Frappe CVE-2026-48127 concerns an attacker could exploit attachment handling to inject arbitrary attachments in Doctypes. Specifically, prior to version 16.20.0 and 15.110.0, users without write access could attach files to any doctype via file-handling endpoints such as add_attachments. The issu...
CVE-2026-48127 Frappe: Arbitrary Attachment Injection via add_attachments and upload_file
Frappe is a full-stack web application framework. Prior to 16.20.0 and 15.110.0, users without write access could attach files to any doctype through file-handling API endpoints such as addattachments. This issue is fixed in versions 16.20.0 and 15.110.0...