CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/06/09 11:54 p.m.•9 views

EUVD-2026-35912

Frappe Learning Management System LMS is a learning system that helps users structure their content. Prior to version 2.53.0, an authenticated user could supply specially crafted content in certain user-editable fields that, when surfaced in page metadata, caused visitors' browsers to navigate to...

2.1CVSS5.3AI score0.00234EPSS

CVE•added 2026/06/09 11:54 p.m.•21 views

CVE-2026-46546

Summary: CVE-2026-46546 affects Frappe LMS. Before v2.53.0, an authenticated user could insert crafted content in certain user-editable fields, which—when surfaced in page metadata—caused visitors’ browsers to navigate to an attacker-chosen URL. The issue has been patched in v2.53.0. Impact (as s...

2.1CVSS5.4AI score0.00234EPSS

Cvelist•added 2026/06/09 11:54 p.m.•36 views

CVE-2026-46546 Frappe LMS: HTML injection in user-controlled metadata

2.1CVSS0.00234EPSS

RedhatCVE•added 2026/06/05 7:25 p.m.•6 views

CVE-2026-39415

Frappe Learning Management System LMS is a learning system that helps users structure their content. Prior to 2.46.0, a vulnerability has been identified in Frappe Learning where quiz scores can be modified by students before submission. The application currently relies on client-side calculated...

5.3CVSS5.4AI score0.00262EPSS

RedhatCVE•added 2026/05/21 7:57 p.m.•8 views

CVE-2026-39405

Frappe Learning Management System LMS is a learning system that helps users structure their content. In versions 2.50.0 and below, a user with course editing role could upload a SCORM ZIP package to write files outside the intended directory. This issue has been resolved in version 2.50.1...

9.4CVSS5.7AI score0.00303EPSS

NVD•added 2026/05/20 8:16 p.m.•14 views

CVE-2026-39405

9.4CVSS0.00303EPSS

ATTACKERKB•added 2026/05/20 7:34 p.m.•7 views

CVE-2026-39405

9.4CVSS5.7AI score0.00303EPSS

Exploits0References3Affected Software1

EUVD•added 2026/05/20 7:34 p.m.•10 views

EUVD-2026-31177

9.4CVSS5.7AI score0.00303EPSS

NVD•added 2026/04/08 9:16 p.m.•1 views

CVE-2026-39415

5.3CVSS0.00262EPSS

EUVD•added 2026/04/08 8:7 p.m.•2 views

EUVD-2026-20603

Cvelist•added 2026/04/08 8:7 p.m.•15 views

CVE-2026-39415 Frappe Learning Management System has Client-Side Manipulation of Quiz Scores

5.3CVSS0.00262EPSS

CVE•added 2026/04/08 8:7 p.m.•9 views

CVE-2026-39415

CVE-2026-39415 affects Frappe LMS prior to 2.46.0, where quiz scores could be altered client-side before submission due to reliance on client-side calculated scores. Impact: data integrity of quiz results is compromised; no confidentiality breach or privilege escalation reported. Remediation: upg...

Exploits0References1Affected Software1

Positive Technologies•added 2026/04/08 12:0 a.m.•1 views

PT-2026-31439

CNNVD•added 2026/04/08 12:0 a.m.•4 views

Frappe Learning Management System 安全漏洞

Frappe Learning Management System is an easy-to-use open-source learning management system developed by Frappe. Versions of the Frappe Learning Management System prior to 2.46.0 contained security vulnerabilities. These vulnerabilities stemmed from reliance on client-side calculations for quiz...