Medium severity5.0NVD Advisory· Published May 13, 2026· Updated May 14, 2026
CVE-2026-44441
CVE-2026-44441
Description
ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.106.0 and 16.16.0, a malicious user could send a crafted request to an endpoint, which would lead to the server making an HTTP call to a service of the user's choice. This vulnerability is fixed in 15.106.0 and 16.16.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1- github.com/frappe/erpnext/security/advisories/GHSA-m4m4-j2m2-7fcwnvdVendor Advisory
News mentions
0No linked articles in our index yet.