CVE-2026-39351 Blast Radius

CRITICAL • CVSS 9.1Frappe is a full-stack web application framework. Prior to 16.14.0 and 15.104.0, Frappe allows unrestricted Doctype access via API exploit.

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2026-39351.

Start Free Scan →← Back to CVE-2026-39351