| # | CVSS | Severity | Vector | CWE | CVE | Published | Updated | Description |
|---|------|----------|--------|-----|-----|-----------|---------|-------------|
| 21 | 9.0 | CRITICAL | Network | CWE-915 (Improperly Controlled Modification of Dynamically-Determined Object Attributes) | CVE-2026-48150 | 2026-05-28 03:16 | 2026-05-28 | Budibase is an open-source low-code platform. Prior to 3.39.0, /api/public/v1/roles/assign is guarded by the builderOrAdmin middleware, which passes any user who is a builder for the app id in the x-… |
| 22 | 8.1 | HIGH | Network | CWE-79 (Cross-site Scripting) | CVE-2026-48149 | 2026-05-28 03:16 | 2026-05-28 | Budibase is an open-source low-code platform. Prior to 3.39.0, the Budibase Text component renders markdown by assigning marked.parse(markdown) straight to innerHTML with no sanitizer (packages/bbui/… |
| 23 | - | - | - | CWE-918 (Server-Side Request Forgery (SSRF)) | CVE-2026-48148 | 2026-05-28 03:16 | 2026-05-28 | Budibase is an open-source low-code platform. Prior to 3.35.3, the VectorDB configuration endpoint in Budibase accepts a host parameter that undergoes no validation against internal IP ranges, reser… |
| 24 | 6.5 | MEDIUM | Network | CWE-185 (Incorrect Regular Expression), CWE-352 (Origin Validation Error) | CVE-2026-48147 | 2026-05-28 03:16 | 2026-05-28 | Budibase is an open-source low-code platform. Prior to 3.35.4, the buildMatcherRegex() / matches() functions in packages/backend-core/src/middleware/matchers.ts route patterns are compiled into unanc… |
| 25 | 7.7 | HIGH | Network | CWE-918 (Server-Side Request Forgery (SSRF)) | CVE-2026-48146 | 2026-05-28 03:16 | 2026-05-28 | Budibase is an open-source low-code platform. Prior to 3.39.0, the OAuth2 token fetch function in packages/server/src/sdk/workspace/oauth2/utils.ts uses raw fetch(config.url) with no SSRF protection.… |
| 26 | - | - | - | CWE-918 (Server-Side Request Forgery (SSRF)) | CVE-2026-48128 | 2026-05-28 03:16 | 2026-05-28 | Budibase is an open-source low-code platform. Prior to 3.39.0, the executeQuery automation step in Budibase accepts a queryId from automation step inputs and passes it directly to the query execution… |
| 27 | 7.7 | HIGH | Network | CWE-200 (Information Exposure) | CVE-2026-46427 | 2026-05-28 03:16 | 2026-05-28 | Budibase is an open-source low-code platform. Prior to 3.38.3, removeSecrets at packages/server/src/sdk/workspace/datasources/datasources.ts masks only datasource config fields whose schema type is D… |
| 28 | 7.6 | HIGH | Network | CWE-79 (Cross-site Scripting), CWE-434 (Unrestricted Upload of File with Dangerous Type) | CVE-2026-46426 | 2026-05-28 03:16 | 2026-05-28 | Budibase is an open-source low-code platform. Prior to 3.38.2, the file upload endpoint POST /api/attachments/process does not enforce active-content restrictions for authenticated users. The checks … |
| 29 | 9.9 | CRITICAL | Network | CWE-862 (Missing Authorization) | CVE-2026-46425 | 2026-05-28 03:16 | 2026-05-28 | Budibase is an open-source low-code platform. Prior to 3.38.2, packages/worker/src/api/routes/global/scim.ts attaches only two middlewares to the SCIM router: requireSCIM (checks the Enterprise featu… |
| 30 | 4.2 | MEDIUM | Network | CWE-269 (Improper Privilege Management) | CVE-2026-46424 | 2026-05-28 03:16 | 2026-05-28 | Budibase is an open-source low-code platform. Prior to 3.38.2, the public API role unassignment endpoint (POST /api/public/v1/roles/unassign) updates user documents in CouchDB but does not invalidate… |