Question 1

What is CVE-2026-44207 — CVE-2026-44207?

Accepted Answer

Frappe is a full-stack web application framework. Prior to versions 15.107.0 and 16.17.0, an IDOR vulnerability allows authenticated users to access other users' email configuration details. This issue has been patched in versions 15.107.0 and 16.17.0.

Question 2

What is the authoritative source for CVE-2026-44207?

Accepted Answer

CVE-2026-44207 (CVE-2026-44207) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

EPSS	0.32% probability of exploitation · percentile 23.7% · 2026-06-18T12:00:27Z
Last modified	2026-06-12

CVE-2026-44207CVE-2026-44207

Description

Scoring