1
1
0
0
Vulnerability Timeline
1 vulnerabilities discovered over time for Erpnext
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2026-27471 | 9.3 | This vulnerability allows an attacker to access sensitive documents in the ERPNext system without proper authorization, potentially exposing confidential information. It affects versions up to 15.98.0 and 16.0.0-rc.1 and requires the attacker to have access to certain endpoints that do not properly check user permissions. | frappeerpnext | Theoretical | about 2 months agoFeb 21, 2026 |
About Frappe Erpnext Security
This page provides comprehensive security vulnerability tracking for Frappe Erpnext. Our database includes all CVEs affecting this product, updated in real-time from official sources.
Each vulnerability listing includes detailed CVSS severity analysis, exploit availability status, AI-generated explanations, and direct links to official security patches and vendor advisories.
Security Recommendations
- • Always keep Erpnext updated to the latest version
- • Subscribe to security advisories from Frappe
- • Monitor this page for new vulnerabilities affecting your version
- • Prioritize patching critical and high severity issues immediately