CVE-2026-39352
Vulnerability Description
Frappe is a full-stack web application framework. Versions prior to 15.105.0 and 16.15.0 contain a possible Arbitrary File Read vulnerability via Path Traversal. The issue is resolved in versions 16.15.0, 15.105.0 and above.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-22
Source
NVD
Vendor
frappe
Product
frappe
Discussion (0)
Add Comment
No comments yet. Be the first!