CVE-2026-41320
- EPSS 0.22%
- Veröffentlicht 21.04.2026 19:34:16
- Zuletzt bearbeitet 27.04.2026 19:38:36
Frappe HR is an open-source human resources management solution (HRMS). Prior to versions 15.54.0 and 14.38.1, a specially crafted request made to a certain endpoint could result in SQL injection, allowing an attacker to extract information they woul...
CVE-2026-40889
- EPSS 0.23%
- Veröffentlicht 21.04.2026 19:32:52
- Zuletzt bearbeitet 27.04.2026 19:39:11
Frappe HR is an open-source human resources management solution (HRMS). Prior to versions 15.58.2 and 16.4.2, authenticated users can access unauthorized files by exploiting certain api endpoint. Versions 15.58.2 and 16.4.2 contain a patch. No known ...
CVE-2026-40888
- EPSS 0.23%
- Veröffentlicht 21.04.2026 19:28:28
- Zuletzt bearbeitet 27.04.2026 19:39:35
Frappe HR is an open-source human resources management solution (HRMS). Prior to versions 15.58.1 and 16.4.1, an authenticated user with default role can access unauthorized information by exploiting certain api endpoint. Versions 15.58.1 and 16.4.1 ...