A vulnerability was found in Frappe ERPNext up to 15.101.x/16.10.x . It has been declared as problematic . Affected by this issue is some unknown functionality. Such manipulation leads to missing authorization. This vulnerability is uniquely identified as CVE-2026-44448 . The attack can be launched remotely. No exploit exists. It is recommended to upgrade the affected component.