Every CVE whose affected-product data names Frappe Learning, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (21)
CVE-2025-66581 — CVSS 6.5 (medium): Frappe Learning Management System (LMS) is a learning system that helps users structure their content. Prior to 2.41.0, a flaw in the…
CVE-2023-42807 — CVSS 6.3 (medium): Frappe LMS is an open source learning management system. In versions 1.0.0 and prior, on the People Page of LMS, there was an SQL Injection…
CVE-2023-5555 — CVSS 6.1 (medium): Cross-site Scripting (XSS) - Generic in GitHub repository frappe/lms prior to 5614a6203fb7d438be8e2b1e3030e4528d170ec4.
CVE-2026-34606 — CVSS 6.1 (medium): Frappe Learning Management System (LMS) is a learning system that helps users structure their content. From version 2.27.0 to before…
CVE-2025-62779 — CVSS 5.4 (medium): Frappe Learning is a learning system that helps users structure their content. In Frappe Learning 2.39.1 and earlier, users were able to…
CVE-2025-64707 — CVSS 5.4 (medium): Frappe Learning is a learning system that helps users structure their content. Starting in version 2.0.0 and prior to version 2.41.0, when…
CVE-2025-67730 — CVSS 5.4 (medium): Frappe Learning Management System (LMS) is a learning system that helps users structure their content. Versions prior to 2.42.0 allow…
CVE-2025-67734 — CVSS 5.4 (medium): Frappe Learning Management System (LMS) is a learning system that helps users structure their content. Versions prior to 2.42.0 allowed…
CVE-2026-23497 — CVSS 5.4 (medium): Frappe Learning Management System (LMS) is a learning system that helps users structure their content. In 2.44.0 and earlier, there is a…
CVE-2025-62778 — CVSS 5.3 (medium): Frappe Learning is a learning management system. A security issue was identified in Frappe Learning 2.39.1 and earlier, where students were…
CVE-2026-26031 — CVSS 5.3 (medium): Frappe Learning Management System (LMS) is a learning system that helps users structure their content. Prior to 2.44.0, security issue was…
CVE-2026-26977 — CVSS 5.3 (medium): Frappe Learning Management System (LMS) is a learning system that helps users structure their content. In versions 2.44.0 and below…
CVE-2025-62158 — CVSS 5.3 (medium): Frappe Learning is a learning system that helps users structure their content. In versions prior to 2.38.0, the system did stored the…
CVE-2025-11281 — CVSS 5.0 (medium): A vulnerability has been found in Frappe LMS 2.35.0. The affected element is an unknown function of the file /courses/ of the component…
CVE-2025-59415 — CVSS 4.6 (medium): Frappe Learning is a learning system that helps users structure their content. In versions 2.34.1 and below, there is a security…
CVE-2025-55006 — CVSS 4.3 (medium): Frappe Learning is a learning system that helps users structure their content. In versions 2.33.0 and below, the image upload functionality…
CVE-2026-39415 — CVSS 4.3 (medium): Frappe Learning Management System (LMS) is a learning system that helps users structure their content. Prior to 2.46.0, a vulnerability has…
CVE-2025-64705 — CVSS 4.3 (medium): Frappe Learning is a learning system that helps users structure their content. Starting in version 2.0.0 and prior to version 2.41.0, users…
CVE-2025-11280 — CVSS 3.7 (low): A flaw has been found in Frappe LMS 2.35.0. Impacted is an unknown function of the file /files/ of the component Assignment Picture…
CVE-2025-11282 — CVSS 2.4 (low): A vulnerability was found in Frappe LMS 2.34.x/2.35.0. The impacted element is an unknown function of the component Incomplete Fix…
CVE-2025-11283 — CVSS 2.4 (low): A vulnerability was determined in Frappe LMS 2.35.0. This affects an unknown function of the component Course Handler. Executing…