Vulnerabilities

CVE-2026-40889

by Fred · 21/04/2026

Frappe HR is an open-source human resources management solution (HRMS). Prior to versions 15.58.2 and 16.4.2, authenticated users can access unauthorized files by exploiting certain api endpoint. Versions 15.58.2 and 16.4.2 contain a patch. No known workarounds are available.

More information : https://github.com/frappe/hrms/releases/tag/v15.58.2

Similar

Tags: Cybersecurity Alert