CVE-2026-47199 PUBLISHED

Frappe: check_safe_sql_query Permits SELECT INTO OUTFILE

Assigner: GitHub_M
Reserved: 18.05.2026 Published: 10.07.2026 Updated: 10.07.2026

Frappe is a full-stack web application framework. Prior to 16.18.3 and 15.108.0, check_safe_sql_query permitted SELECT INTO OUTFILE queries, which could potentially work on self-hosted sites if database permissions are not well aligned and MySQL FILE privileges are available. This issue is fixed in versions 16.18.3 and 15.108.0.

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
CVSS Score: 2.3

Product Status

Vendor frappe
Product frappe
Versions
  • Version < 15.108.0 is affected
  • Version >= 16.0.0-beta.1, < 16.18.3 is affected

References

Problem Types

  • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE