CVE-2025-58439 | Frappe ERPNext up to 14.89.1/15.75.x sql injection (GHSA-fvjw-5w9q-6v39)

A vulnerability described as critical has been identified in Frappe ERPNext up to 14.89.1/15.75.x. This issue affects some unknown processing. Such manipulation leads to sql injection.

This vulnerability is traded as CVE-2025-58439. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More