Back to CVE List

CVE-2026-39352

Vulnerability Description

Frappe is a full-stack web application framework. Versions prior to 15.105.0 and 16.15.0 contain a possible Arbitrary File Read vulnerability via Path Traversal. The issue is resolved in versions 16.15.0, 15.105.0 and above.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-22
Source
NVD
Vendor
frappe
Product
frappe

External References

Discussion (0)

Add Comment

No comments yet. Be the first!