CVE-2026-41317 - Frappe Press has an unsafe HTTP method / CSRF-adjacent issue on API secret generation
CVE ID :CVE-2026-41317 Published : April 24, 2026, 3:16 a.m. | 36 minutes ago Description :Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS).`press.api.account.create_api_secret` is prone to CSRF-like exploits
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · tech
- [TECH] Launch: Ariane 64 | Amazon Leo (LE-02)
- [TECH] Launch: Atlas V 551 | Amazon Leo (LA-06)
- [TECH] Launch: Falcon Heavy | ViaSat-3 F3 (ViaSat-3 Asia-Pacific)
- [TECH] Launch: Falcon 9 Block 5 | Starlink Group 17-16
- [TECH] Launch: Soyuz 2.1a | Progress MS-34 (95P)
- [TECH] Launch: Long March 6 | Unknown Payload