Back to search
CVE-2026-26977
Published: Feb 20, 2026
Modified: Feb 20, 2026
PUBLISHED
Description
Frappe Learning Management System (LMS) is a learning system that helps users structure their content. In versions 2.44.0 and below, unauthorized users are able to access the details of unpublished courses via API endpoints. A fix for this issue is planned for the 2.45.0 release.
| Vendor | Product | Versions |
|---|---|---|
frappe | lms | affected <= 2.44.0 |
References
https://github.com/frappe/lms/security/advisories/GHSA-26vf-p39q-frx3
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now