VYPR
Unrated severityNVD Advisory· Published Feb 20, 2026· Updated Feb 20, 2026

Frappe Learning Management System exposes details of unpublished courses to unauthorized users

CVE-2026-26977

Description

Frappe Learning Management System (LMS) is a learning system that helps users structure their content. In versions 2.44.0 and below, unauthorized users are able to access the details of unpublished courses via API endpoints. A fix for this issue is planned for the 2.45.0 release.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.