CVE-2025-55731 — Frappe is a full-stack web application framework. A carefully crafted request could extract data that the user would normally not have access to, via SQL injection. This vulnerability is fixed in 15.7 — CVE Database · The Intelligence Room