CVE-2025-59421

Vulnerability Description

Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). A bad actor can flood the inbox of a user by repeatedly sending invites (duplicate). The issue is fixed in commit 83c3fc7676c5dbbe1fd5092d21d95a10c7b48615.

Related Weaknesses (CWE)

CWE-770

References

https://github.com/frappe/press/commit/83c3fc7676c5dbbe1fd5092d21d95a10c7b48615
https://github.com/frappe/press/security/advisories/GHSA-68qm-vp8f-rpr3

FAQ

What is CVE-2025-59421?

CVE-2025-59421 is a documented vulnerability. Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). A bad actor can flood the inbox of a user by repeatedly sending ...

How severe is CVE-2025-59421?

CVSS scoring is not yet available for CVE-2025-59421. Check NVD for updates.

Is there a patch for CVE-2025-59421?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.