Loading market data...
← Back to CVE feed

CVE-2026-58503

UNKNOWN View on NVD ↗

Description

Frappe is a full-stack web application framework. Prior to 16.16.0 and 15.106.0, user enumeration could be performed via the reset_password endpoint. This issue is fixed in versions 16.16.0 and 15.106.0.

Published: Jul 10, 2026 22:16 UTC Modified: Jul 10, 2026 22:16 UTC