CVE-2026-42219 in Frappeالمعلومات

الملخص

بحسب MITRE • 11/07/2026

Frappe is a full-stack web application framework. Prior to 16.19.0 and 15.109.0, path traversal via download_backups was possible due to lack of hardening. This issue is fixed in versions 16.19.0 and 15.109.0.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

مسؤول

GitHub M

حجز

25/04/2026

إفشاء

11/07/2026

الاعتدال

تمت الموافقة

إدخال

VDB-377657

EPSS

0.00000

KEV

لا

النشاطات

منخفض جدًا

المصادر

Interested in the pricing of exploits?

See the underground prices here!