| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At |
|---|---|---|---|---|---|---|
| CVE-2026-46426 | Budibase: Unrestricted Upload of File with Dangerous Type | Budibase | budibase | High | 7.6 | 2026-05-27 17:04:42 |
| CVE-2026-46427 | Budibase: Snowflake private key returned unmasked from datasource API to BASIC users | Budibase | budibase | High | 7.7 | 2026-05-27 17:03:11 |
| CVE-2026-48128 | Budibase: SSRF via User-Controlled queryId in Automation Execute Query Step | Budibase | budibase | - | - | 2026-05-27 17:01:04 |
| CVE-2026-48146 | Budibase: SSRF via OAuth2 Config Validation — Missing fetchWithBlacklist Protection | Budibase | budibase | High | 7.7 | 2026-05-27 17:00:26 |
| CVE-2026-4392 | TeamSpeak 3 Server clientek Handshake assertion | - | TeamSpeak 3 Server | Medium | 5.3 | 2026-05-27 17:00:10 |
| CVE-2026-48149 | Budibase: Stored XSS in Text component: BASIC users execute JS in admin session via MarkdownViewer innerHTML + CDN+srcdoc CSP bypass | Budibase | budibase | High | 8.1 | 2026-05-27 16:59:31 |
| CVE-2026-48150 | Budibase: Workspace-scoped builder escalates to global admin via /api/public/v1/roles/assign | Budibase | budibase | Critical | 9.0 | 2026-05-27 16:58:19 |
| CVE-2026-48151 | Budibase: Webhook schema endpoint authorization bypass allows unauthenticated mutation of webhook and automation schema | Budibase | budibase | High | 7.5 | 2026-05-27 16:57:36 |
| CVE-2026-48152 | Budibase: Basic app users can exfiltrate stored REST datasource auth by rewriting datasource base URL | Budibase | budibase | High | 8.1 | 2026-05-27 16:56:47 |
| CVE-2026-48153 | Budibase: SSRF via OAuth2 token endpoint URL reaches internal hosts and cloud metadata | Budibase | budibase | High | 8.5 | 2026-05-27 16:52:43 |
| CVE-2026-45061 | Budibase: SSRF via trivial `.tar.gz` substring bypass in Plugin URL upload (`/api/plugin`) | Budibase | budibase | High | 7.7 | 2026-05-27 16:50:58 |
| CVE-2026-4391 | TeamSpeak 3 Server ECC Key heap-based overflow | - | TeamSpeak 3 Server | Medium | 5.3 | 2026-05-27 16:45:08 |
| CVE-2026-44460 | FileRise: TOTP Bypass via Setup Endpoint Disclosing Existing Secret | error311 | FileRise | High | 7.4 | 2026-05-27 16:39:12 |
| CVE-2026-45047 | bird-lg-go: Fatal Out-of-Memory (OOM) Denial of Service via Unbounded JSON Decoding | xddxdd | bird-lg-go | High | 7.5 | 2026-05-27 16:37:36 |
| CVE-2026-44378 | Botan: Quadratic complexity decoding BER indefinite length encodings | randombit | botan | - | - | 2026-05-27 16:34:34 |
| CVE-2026-42328 | go-ipld-prime: DAG-CBOR and DAG-JSON decoders unbounded recursion depth | ipld | go-ipld-prime | Medium | 6.2 | 2026-05-27 16:31:38 |
| CVE-2026-4390 | TeamSpeak 3 Server Connection State Management process_resend_queue use after free | - | TeamSpeak 3 Server | Medium | 5.4 | 2026-05-27 16:30:09 |
| CVE-2026-42081 | free5GC: UE Security Capability bypass on NGAP PathSwitchRequest | free5gc | free5gc | Medium | 6.1 | 2026-05-27 15:59:58 |
| CVE-2026-42082 | free5GC: Missing Concurrent NAS SMC Validation During NGAP Handover | free5gc | free5gc | Low | 3.7 | 2026-05-27 15:59:21 |
| CVE-2026-42083 | free5GC: PCF Npcf_SMPolicyControl missing authentication middleware allows unauthenticated access to SM policy handlers and disclosure of subscriber SUPI | free5gc | free5gc | High | 8.2 | 2026-05-27 15:56:11 |