An Chu Van

Security Research – iamanc

ERPNext Vulnerabilities

• [ERPNext SSTI (CVE-2025-66434 → CVE-2025-66438)]
  • CVE-2025-66434.
  • CVE-2025-66435.
  • CVE-2025-66436.
  • CVE-2025-66437.
  • CVE-2025-66438.
• ERPNext SQL Injection (CVE-2025-66439, CVE-2025-66440).