Frappe Framework < 16.15.0 - Arbitrary File Read via render_include Path Traversal CVE-2026-39352
- Severity
- EPSS Score
- EPSS Percentile
- Vulnerability description
- Not available
- Risk description
- Not available
- Recommendation
- Not available
- References
- https://github.com/frappe/frappe/security/advisories/GHSA-67rf-pxgh-vfqvhttps://github.com/frappe/frappe/commit/b5ab941788f6232b4f9313432ea7bfb61389fbfdhttps://github.com/frappe/frappe/pull/38215https://nvd.nist.gov/vuln/detail/CVE-2026-39352
- Codename
- Not available
- Detectable with
- Network Scanner
- Scan engine
- Nuclei
- Cisa Kev
- No
- Exploitable with Sniper
- No
- CVE Published
- May 20, 2026
- Detection added at
- Software Type
- Not available
- Vendor
- Not available
- Product
- Not available
Detect this vulnerability now!
Check your clients' targets (or your own) for this vulnerability and thousands more! Get proof for validation with our ethical hacking toolkit.