CVE-2026-39405: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in frappe lms
CVE-2026-39405 is a critical path traversal vulnerability in Frappe Learning Management System (LMS) versions 2. 50. 0 and below. It allows a user with course editing privileges to upload a SCORM ZIP package that can write files outside the intended directory. This issue enables unauthorized file writes beyond restricted paths. The vulnerability has been fixed in version 2. 50. 1. The CVSS 4. 0 base score is 9.
AI Analysis
Technical Summary
Frappe LMS versions prior to 2.50.1 contain a CWE-22 path traversal vulnerability. A user with course editing role can upload specially crafted SCORM ZIP packages that bypass directory restrictions and write files outside the designated directory. This improper limitation of pathname allows unauthorized file system modifications. The vulnerability was publicly disclosed and assigned CVE-2026-39405 with a CVSS 4.0 score of 9.4. The issue is resolved in version 2.50.1.
Potential Impact
An attacker with course editing privileges can exploit this vulnerability to write files outside the intended directory, potentially leading to unauthorized file modification or code execution depending on the environment. The high CVSS score reflects the critical nature of the impact, including high exploitability and potential for significant system compromise.
Mitigation Recommendations
Upgrade Frappe LMS to version 2.50.1 or later, where this vulnerability has been fixed. No other mitigation or temporary workaround is indicated. Patch status is confirmed by the vendor's versioning information.
CVE-2026-39405: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in frappe lms
Description
CVE-2026-39405 is a critical path traversal vulnerability in Frappe Learning Management System (LMS) versions 2. 50. 0 and below. It allows a user with course editing privileges to upload a SCORM ZIP package that can write files outside the intended directory. This issue enables unauthorized file writes beyond restricted paths. The vulnerability has been fixed in version 2. 50. 1. The CVSS 4. 0 base score is 9.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Frappe LMS versions prior to 2.50.1 contain a CWE-22 path traversal vulnerability. A user with course editing role can upload specially crafted SCORM ZIP packages that bypass directory restrictions and write files outside the designated directory. This improper limitation of pathname allows unauthorized file system modifications. The vulnerability was publicly disclosed and assigned CVE-2026-39405 with a CVSS 4.0 score of 9.4. The issue is resolved in version 2.50.1.
Potential Impact
An attacker with course editing privileges can exploit this vulnerability to write files outside the intended directory, potentially leading to unauthorized file modification or code execution depending on the environment. The high CVSS score reflects the critical nature of the impact, including high exploitability and potential for significant system compromise.
Mitigation Recommendations
Upgrade Frappe LMS to version 2.50.1 or later, where this vulnerability has been fixed. No other mitigation or temporary workaround is indicated. Patch status is confirmed by the vendor's versioning information.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-04-07T00:23:30.594Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a0e173eba1db47362a37ea8
Added to database: 5/20/2026, 8:19:10 PM
Last enriched: 5/20/2026, 8:34:08 PM
Last updated: 5/21/2026, 6:15:06 AM
Views: 9
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.