VYPR
High severityNVD Advisory· Published May 20, 2026· Updated May 21, 2026

CVE-2026-39352

CVE-2026-39352

Description

Frappe is a full-stack web application framework. Versions prior to 15.105.0 and 16.15.0 contain a possible Arbitrary File Read vulnerability via Path Traversal. The issue is resolved in versions 16.15.0, 15.105.0 and above.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Frappe/Frappereferences2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: <15.105.0 or <16.15.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.