Vulnerabilities

Report: CVE-2026-44442 - ERPNext: Unauthorised Document modification due to missing validation

2026-05-14 0 views admin

CVE ID :CVE-2026-44442 Published : May 13, 2026, 10:16 p.m. | 1 hour, 33 minutes ago Description :ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 16.9.1, certain endpoints failed to enforce proper authorization checks, allowing users to modify data beyond their permitted role. This vulnerability is fixed in 16.9.1. Severity: 9.9 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-44442

Severity

CRITICAL

Published

May 13, 2026

🏷️ Tags

report44442erpnextunauthoriseddocumentmodificationmissingvalidationcverce

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2026-44442 - ERPNext: Unauthorised Document modification due to missing validation

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: Complete Guide to CVE-2026-44195 - OPNsense: Authentication lockout bypass

Report: CVE-2026-44194 - OPNsense: RCE on user managment

Report: CVE-2026-44193 - OPNsense: RCE via XMLRPC endpoint using `opnsense.restore_config_section` method - Expert Insights

Report: CVE-2026-44426 - ShellHub: Cross-tenant IDOR in `GET /api/namespaces/:tenant` via API Key bypasse

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting