CVE-2026-35614 | Frappe up to 15.103.x/16.13.x bulk_update sql injection (GHSA-583g-fg76-fhfr)

Inserito da Angelo Barbosa | Apr 7, 2026 | CVE

A vulnerability was found in Frappe up to 15.103.x/16.13.x and classified as critical. This issue affects the function bulk_update. Such manipulation leads to sql injection.

This vulnerability is listed as CVE-2026-35614. The attack may be performed from remote. There is no available exploit.

It is suggested to upgrade the affected component.

CVE-2026-35614 | Frappe up to 15.103.x/16.13.x bulk_update sql injection (GHSA-583g-fg76-fhfr)

Post correlati

CVE-2025-48143 | Formulario de Contacto SalesUp Plugin up to 1.0.14 on WordPress cross site scripting

CVE-2024-32761 | F5 BIG-IP up to 15.1.9 Traffic Management Microkernel memory leak (K000139217)

CVE-2024-42613 | Pligg CMS 2.0.2 cross-site request forgery

CVE-2024-0486 | code-projects Fighting Cock Information System 1.0 add_con.php chicken sql injection