CVE-2026-55852 - Frappe: TarSlip RCE in Package Import
CVE ID :CVE-2026-55852 Published : July 10, 2026, 10:16 p.m. | 16 minutes ago Description :Frappe is a full-stack web application framework. Prior to 16.23.0 and 15.112.0, TarSlip RCE was possible in Package Import because tarfile members were not sufficiently checked before extraction. This...