CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

CVE-2026-44976 Frappe: IDOR in update_onboarding_step

Frappe is a full-stack web application framework. Prior to version 16.17.4, any user can modify any field in any Onboarding Step record. This issue has been patched in version 16.17.4...

5.3CVSS

Exploits0References1

EUVD•added 8 hours ago•4 views

EUVD-2026-36493

Frappe is a full-stack web application framework. Prior to version 16.17.4, any user can modify any field in any Onboarding Step record. This issue has been patched in version 16.17.4...

5.3CVSS5.2AI score

Exploits0References1

CVE•added 8 hours ago•4 views

CVE-2026-44976

CVE-2026-44976 affects the Frappe web framework. The vulnerability is described as an IDOR in the “update_onboarding_step” function, allowing any user to modify any field in any Onboarding Step record prior to version 16.17.4. The issue is explicitly patched in version 16.17.4. The available conn...

5.3CVSS5.3AI score

Exploits0References1

Vulnrichment•added 8 hours ago•3 views

CVE-2026-44976 Frappe: IDOR in update_onboarding_step

Frappe is a full-stack web application framework. Prior to version 16.17.4, any user can modify any field in any Onboarding Step record. This issue has been patched in version 16.17.4...

5.3CVSS5.3AI score

Exploits0References1

Positive Technologies•added 23 hours ago•6 views

PT-2026-48894

Frappe is a full-stack web application framework. Prior to version 16.17.4, any user can modify any field in any Onboarding Step record. This issue has been patched in version 16.17.4...

5.3CVSS5.2AI score

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by