Publicly disclosed vulnerabilities discovered by or reported to Fluid Attacks
Our pentesters
PayloadCMS 3.84.1 - Authenticated account lockout bypass through default unlock access
5.3
Medium
CVE-2026-11779
Published date:
26 jun 2026
Discovered by
Oscar Naveda
AI SAST Scanner
Frappe Framework 17.0.0-dev - Stored XSS in Tree View node label rendering
4.8
Medium
CVE-2026-50712
Published date:
24 jun 2026
Detected by
Fluid Attacks AI SAST Scanner,
disclosed by
Oscar Uribe
AI SAST Scanner
Frappe Framework 17.0.0-dev - Stored XSS in Number Card filter fields rendering
4.6
Medium
CVE-2026-50711
Published date:
24 jun 2026
Detected by
Fluid Attacks AI SAST Scanner,
disclosed by
Oscar Uribe
AI SAST Scanner
Frappe Framework 17.0.0-dev - Stored XSS via eval in Number Card filters_config
4.6
Medium
CVE-2026-50710
Published date:
24 jun 2026
Detected by
Fluid Attacks AI SAST Scanner,
disclosed by
Oscar Uribe
AI SAST Scanner
Frappe Framework 17.0.0-dev - Stored XSS in Notifications Events color rendering
4.8
Medium
CVE-2026-50709
Published date:
24 jun 2026
Detected by
Fluid Attacks AI SAST Scanner,
disclosed by
Oscar Uribe
AI SAST Scanner
Frappe Framework 17.0.0-dev - Stored XSS in Multi Select Dialog result rendering
4.8
Medium
CVE-2026-50708
Published date:
24 jun 2026
Detected by
Fluid Attacks AI SAST Scanner,
disclosed by
Oscar Uribe
AI SAST Scanner
Frappe Framework 17.0.0-dev - Stored XSS in Form Dashboard headline rendering
4.6
Medium
CVE-2026-50705
Published date:
24 jun 2026
Detected by
Fluid Attacks AI SAST Scanner,
disclosed by
Oscar Uribe
AI SAST Scanner
Frappe Framework 17.0.0-dev - Reflected/Stored XSS in File View breadcrumbs rendering
4.6
Medium
CVE-2026-50704
Published date:
24 jun 2026
Detected by
Fluid Attacks AI SAST Scanner,
disclosed by
Oscar Uribe
Cargar más
Our pentesters
PayloadCMS 3.84.1 - Authenticated account lockout bypass through default unlock access
5.3
Medium
CVE-2026-11779
Published date:
26 jun 2026
Discovered by
Oscar Naveda
AI SAST Scanner
Frappe Framework 17.0.0-dev - Stored XSS in Tree View node label rendering
4.8
Medium
CVE-2026-50712
Published date:
24 jun 2026
Detected by
Fluid Attacks AI SAST Scanner,
disclosed by
Oscar Uribe
AI SAST Scanner
Frappe Framework 17.0.0-dev - Stored XSS in Number Card filter fields rendering
4.6
Medium
CVE-2026-50711
Published date:
24 jun 2026
Detected by
Fluid Attacks AI SAST Scanner,
disclosed by
Oscar Uribe
AI SAST Scanner
Frappe Framework 17.0.0-dev - Stored XSS via eval in Number Card filters_config
4.6
Medium
CVE-2026-50710
Published date:
24 jun 2026
Detected by
Fluid Attacks AI SAST Scanner,
disclosed by
Oscar Uribe
AI SAST Scanner
Frappe Framework 17.0.0-dev - Stored XSS in Notifications Events color rendering
4.8
Medium
CVE-2026-50709
Published date:
24 jun 2026
Detected by
Fluid Attacks AI SAST Scanner,
disclosed by
Oscar Uribe
AI SAST Scanner
Frappe Framework 17.0.0-dev - Stored XSS in Multi Select Dialog result rendering
4.8
Medium
CVE-2026-50708
Published date:
24 jun 2026
Detected by
Fluid Attacks AI SAST Scanner,
disclosed by
Oscar Uribe
AI SAST Scanner
Frappe Framework 17.0.0-dev - Stored XSS in Form Dashboard headline rendering
4.6
Medium
CVE-2026-50705
Published date:
24 jun 2026
Detected by
Fluid Attacks AI SAST Scanner,
disclosed by
Oscar Uribe
AI SAST Scanner
Frappe Framework 17.0.0-dev - Reflected/Stored XSS in File View breadcrumbs rendering
4.6
Medium
CVE-2026-50704
Published date:
24 jun 2026
Detected by
Fluid Attacks AI SAST Scanner,
disclosed by
Oscar Uribe
Cargar más
Our pentesters
PayloadCMS 3.84.1 - Authenticated account lockout bypass through default unlock access
5.3
Medium
CVE-2026-11779
Published date:
26 jun 2026
Discovered by
Oscar Naveda
AI SAST Scanner
Frappe Framework 17.0.0-dev - Stored XSS in Tree View node label rendering
4.8
Medium
CVE-2026-50712
Published date:
24 jun 2026
Discovered by
Oscar Uribe
Detected by
Fluid Attacks AI SAST Scanner,
disclosed by
Oscar Uribe
AI SAST Scanner
Frappe Framework 17.0.0-dev - Stored XSS in Number Card filter fields rendering
4.6
Medium
CVE-2026-50711
Published date:
24 jun 2026
Discovered by
Oscar Uribe
Detected by
Fluid Attacks AI SAST Scanner,
disclosed by
Oscar Uribe
AI SAST Scanner
Frappe Framework 17.0.0-dev - Stored XSS via eval in Number Card filters_config
4.6
Medium
CVE-2026-50710
Published date:
24 jun 2026
Discovered by
Oscar Uribe
Detected by
Fluid Attacks AI SAST Scanner,
disclosed by
Oscar Uribe
AI SAST Scanner
Frappe Framework 17.0.0-dev - Stored XSS in Notifications Events color rendering
4.8
Medium
CVE-2026-50709
Published date:
24 jun 2026
Discovered by
Oscar Uribe
Detected by
Fluid Attacks AI SAST Scanner,
disclosed by
Oscar Uribe
AI SAST Scanner
Frappe Framework 17.0.0-dev - Stored XSS in Multi Select Dialog result rendering
4.8
Medium
CVE-2026-50708
Published date:
24 jun 2026
Discovered by
Oscar Uribe
Detected by
Fluid Attacks AI SAST Scanner,
disclosed by
Oscar Uribe
AI SAST Scanner
Frappe Framework 17.0.0-dev - Stored XSS in Form Dashboard headline rendering
4.6
Medium
CVE-2026-50705
Published date:
24 jun 2026
Discovered by
Oscar Uribe
Detected by
Fluid Attacks AI SAST Scanner,
disclosed by
Oscar Uribe
AI SAST Scanner
Frappe Framework 17.0.0-dev - Reflected/Stored XSS in File View breadcrumbs rendering
4.6
Medium
CVE-2026-50704
Published date:
24 jun 2026
Discovered by
Oscar Uribe
Detected by
Fluid Attacks AI SAST Scanner,
disclosed by
Oscar Uribe
Cargar más


Learn about our policy for disclosing advisories of vulnerabilities in third-party, open-source products.


Inicia tu prueba gratuita de 21 días
Descubre los beneficios de la solución Fluid Attacks, de la que ya disfrutan empresas de todos los tamaños.


Inicia tu prueba gratuita de 21 días
Descubre los beneficios de la solución Fluid Attacks, de la que ya disfrutan empresas de todos los tamaños.


Inicia tu prueba gratuita de 21 días
Descubre los beneficios de la solución Fluid Attacks, de la que ya disfrutan empresas de todos los tamaños.

Las soluciones de Fluid Attacks permiten a las organizaciones identificar, priorizar y remediar vulnerabilidades en su software a lo largo del SDLC. Con el apoyo de la IA, herramientas automatizadas y pentesters, Fluid Attacks acelera la mitigación de la exposición al riesgo de las empresas y fortalece su postura de ciberseguridad.
Productos
Objetivos
Suscríbete a nuestro boletín
Mantente al día sobre nuestros próximos eventos y los últimos blog posts, advisories y otros recursos interesantes.
© 2026 Fluid Attacks. We hack your software.
Las soluciones de Fluid Attacks permiten a las organizaciones identificar, priorizar y remediar vulnerabilidades en su software a lo largo del SDLC. Con el apoyo de la IA, herramientas automatizadas y pentesters, Fluid Attacks acelera la mitigación de la exposición al riesgo de las empresas y fortalece su postura de ciberseguridad.
Productos
Objetivos
Compañía
Suscríbete a nuestro boletín
Mantente al día sobre nuestros próximos eventos y los últimos blog posts, advisories y otros recursos interesantes.
Mantente al día sobre nuestros próximos eventos y los últimos blog posts, advisories y otros recursos interesantes.
© 2026 Fluid Attacks. We hack your software.
Las soluciones de Fluid Attacks permiten a las organizaciones identificar, priorizar y remediar vulnerabilidades en su software a lo largo del SDLC. Con el apoyo de la IA, herramientas automatizadas y pentesters, Fluid Attacks acelera la mitigación de la exposición al riesgo de las empresas y fortalece su postura de ciberseguridad.
Productos
Objetivos
Compañía
Suscríbete a nuestro boletín
Mantente al día sobre nuestros próximos eventos y los últimos blog posts, advisories y otros recursos interesantes.
Mantente al día sobre nuestros próximos eventos y los últimos blog posts, advisories y otros recursos interesantes.
© 2026 Fluid Attacks. We hack your software.













