CVE-2026-47182 Overview
CVE-2026-47182 is an access control vulnerability in the Frappe full-stack web application framework. Authenticated users can access private files by guessing file paths, bypassing the framework's intended file access controls. The flaw affects all versions of Frappe prior to 16.17.4 and is tracked under [CWE-284: Improper Access Control].
The vulnerability requires only low-privilege authentication and exposes private file content over the network. Frappe maintainers patched the issue in version 16.17.4. The advisory is published on the Frappe GitHub Security Advisory GHSA-gvg7-4p32-j648.
Critical Impact
Any authenticated Frappe user can retrieve private files by guessing their paths, leading to disclosure of confidential documents, attachments, and uploaded records.
Affected Products
- Frappe Framework versions prior to 16.17.4
- Applications built on the Frappe framework that rely on private file storage
- ERPNext and other downstream products that depend on vulnerable Frappe releases
Discovery Timeline
- 2026-06-12 - CVE-2026-47182 published to NVD
- 2026-06-17 - Last updated in NVD database
Technical Details for CVE-2026-47182
Vulnerability Analysis
Frappe is a Python and JavaScript framework that powers ERPNext and other business applications. The framework supports uploading files marked as private, which should be restricted to authorized users.
The vulnerability allows any authenticated user to access private files when they know or guess the file path. The file delivery handler validates authentication but does not enforce object-level authorization against the requesting user. As a result, a low-privileged session can fetch documents intended for other users or roles.
The issue is classified under [CWE-284: Improper Access Control]. Exploitation is network-reachable and requires no user interaction, but does require valid credentials on the Frappe instance.
Root Cause
The root cause is missing authorization enforcement on the private file retrieval endpoint. Frappe stores private uploads under predictable directory structures, and file names are often derived from document identifiers, timestamps, or original filenames. The handler returns file content based on path resolution alone, without checking whether the caller has read permission on the parent document or file record.
Attack Vector
An attacker authenticates to the target Frappe instance using any valid account, including self-registered or low-privilege users. The attacker then requests private file URLs while iterating over predictable path fragments such as document names, sequential identifiers, or known filename conventions.
When a guessed path matches an existing private file, the server returns the file content despite the user lacking explicit permissions on the underlying record. Automated path enumeration can systematically harvest attachments, signed documents, customer records, and other sensitive uploads.
No verified public exploit code is available. Refer to the Frappe GitHub Security Advisory for vendor-supplied technical details.
Detection Methods for CVE-2026-47182
Indicators of Compromise
- High volumes of requests to /private/files/ paths from a single authenticated session
- Sequential or dictionary-style enumeration patterns against file URLs in Frappe access logs
- Successful 200 responses to private file requests from users without related document permissions
- Anomalous data egress volume tied to a single low-privilege user account
Detection Strategies
- Audit Frappe web server logs for repeated GET requests to /private/files/ with varied filename parameters
- Correlate file download events with the requesting user's role and document permission set
- Alert when a single session retrieves private files at a rate inconsistent with normal application use
- Compare requested file owners against the authenticated user to identify cross-tenant or cross-user access
Monitoring Recommendations
- Enable verbose access logging on the Frappe reverse proxy and retain logs for forensic review
- Forward Frappe and Nginx logs to a centralized analytics platform for behavioral baselining
- Monitor authentication events for newly created low-privilege accounts followed by rapid file access
- Track outbound bandwidth on the Frappe host to detect bulk file exfiltration
How to Mitigate CVE-2026-47182
Immediate Actions Required
- Upgrade Frappe to version 16.17.4 or later on all production and staging instances
- Audit user accounts and disable inactive, default, or self-registered accounts that are not required
- Review private file access logs for evidence of enumeration or unauthorized retrieval prior to patching
- Rotate any credentials, API keys, or secrets that may have been stored in private file uploads
Patch Information
The vulnerability is fixed in Frappe 16.17.4. Administrators should upgrade through the standard bench update workflow or apply the upstream patch manually. See the Frappe GitHub Security Advisory GHSA-gvg7-4p32-j648 for release notes and remediation guidance.
Workarounds
- Restrict Frappe instance access to trusted networks or VPN until the patch is applied
- Disable open user self-registration to reduce the pool of accounts that can authenticate
- Apply least-privilege role configurations and remove unnecessary read permissions on file doctypes
- Place a web application firewall rule in front of /private/files/ to throttle enumeration attempts
# Configuration example: upgrade Frappe using bench
bench update --reset
bench --site all migrate
bench version | grep frappe
# Confirm output reports frappe 16.17.4 or later
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

