Security Advisory

CVE-2026-29081

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-05 20:23:13

Last updated 2026-03-06 17:02:00

Assigner GitHub_M

State PUBLISHED

Description

Frappe is a full-stack web application framework. Prior to versions 14.100.1 and 15.100.0, an endpoint was vulnerable to SQL injection through specially crafted requests, which would allow a malicious actor to extract sensitive information. This issue has been patched in versions 14.100.1 and 15.100.0.

← Browse all CVEs View on cve.org ↗