CVE-2026-39351

Published April 7th, 2026

View on NVD ↗

CVSS v3

9.1

CRITICAL

CVSS v2

N/A

Affected

1

PROJECT

Description

Frappe is a full-stack web application framework. Prior to 16.14.0 and 15.104.0, Frappe allows unrestricted Doctype access via API exploit.

Low code web framework for real world applications, in Python and Javascript

GitHub

10.3K