VYPR
Low severityOSV Advisory· Published Sep 18, 2025· Updated Apr 15, 2026

CVE-2025-59421

CVE-2025-59421

Description

Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). A bad actor can flood the inbox of a user by repeatedly sending invites (duplicate). The issue is fixed in commit 83c3fc7676c5dbbe1fd5092d21d95a10c7b48615.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Frappe/PressOSV2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: < commit c7b48615

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.