Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

Budibase — Vulnerabilities & Security Advisories 38

Browse all 38 CVE security advisories affecting Budibase. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Budibase serves as a low-code platform enabling rapid development of internal tools and business applications. Historically, the platform has been susceptible to multiple critical vulnerabilities, including remote code execution, cross-site scripting, and privilege escalation flaws, contributing to its 18 recorded CVEs. Security researchers have identified authentication bypasses and insecure default configurations as recurring issues. While no major public security incidents have been widely documented, the significant CVE count suggests potential risks for organizations implementing Budibase without rigorous hardening. Users should prioritize applying security patches and implementing additional safeguards when deploying this platform for business-critical applications.

Top products by Budibase: budibase budibase/budibase
CVE IDTitleCVSSSeverityPublished
CVE-2026-48147 Budibase: Unanchored Regex in `matchers.ts` Allows CSRF Bypass via Query String Injection in Budibase Worker — budibaseCWE-185 6.5 Medium2026-05-27
CVE-2026-48148 Budibase: Unvalidated VectorDB Host Parameter Enables SSRF — budibaseCWE-918--2026-05-27
CVE-2026-45548 Budibase: SSRF in AI Extract File Automation Step via Missing IP Blacklist Validation — budibaseCWE-918 7.7 High2026-05-27
CVE-2026-45715 Budibase: SSRF Bypass via HTTP Redirect in REST Datasource Integration — budibaseCWE-918 7.7 High2026-05-27
CVE-2026-45716 Budibase: Builder-to-Admin Privilege Escalation via onboardUsers Endpoint Without SMTP Configuration — budibaseCWE-269 8.8 High2026-05-27
CVE-2026-45717 Budibase: `PUT /api/datasources/:datasourceId` is protected only by `TABLE/READ` permission instead of builder access, allowing any authenticated app user to overwrite datasource connection parameters including host, port, and URL. — budibaseCWE-862 8.8 High2026-05-27
CVE-2026-45718 Budibase: Row Action Trigger Bypasses View Row Filter Security Boundary Allowing Action on Out-of-Scope Rows — budibaseCWE-863 5.4 Medium2026-05-27
CVE-2026-45719 Budibase: CouchDB Reduce Injection via Unsanitized Calculation Parameter in V1 Views API — budibaseCWE-94 6.5 Medium2026-05-27
CVE-2026-46425 Budibase: SCIM endpoints lack role-based authorization, BASIC users CRUD tenant users — budibaseCWE-862 9.9 Critical2026-05-27
CVE-2026-46424 Budibase: Missing Cache Invalidation on Public API Role Unassignment Allows Revoked Users to Retain Privileges for Up to 1 Hour — budibaseCWE-269 4.2 Medium2026-05-27
CVE-2026-46426 Budibase: Unrestricted Upload of File with Dangerous Type — budibaseCWE-79 7.6 High2026-05-27
CVE-2026-46427 Budibase: Snowflake private key returned unmasked from datasource API to BASIC users — budibaseCWE-200 7.7 High2026-05-27
CVE-2026-48128 Budibase: SSRF via User-Controlled queryId in Automation Execute Query Step — budibaseCWE-918--2026-05-27
CVE-2026-48146 Budibase: SSRF via OAuth2 Config Validation — Missing fetchWithBlacklist Protection — budibaseCWE-918 7.7 High2026-05-27
CVE-2026-48149 Budibase: Stored XSS in Text component: BASIC users execute JS in admin session via MarkdownViewer innerHTML + CDN+srcdoc CSP bypass — budibaseCWE-79 8.1 High2026-05-27
CVE-2026-48150 Budibase: Workspace-scoped builder escalates to global admin via /api/public/v1/roles/assign — budibaseCWE-915 9.0 Critical2026-05-27
CVE-2026-48151 Budibase: Webhook schema endpoint authorization bypass allows unauthenticated mutation of webhook and automation schema — budibaseCWE-862 7.5 High2026-05-27
CVE-2026-48152 Budibase: Basic app users can exfiltrate stored REST datasource auth by rewriting datasource base URL — budibaseCWE-863 8.1 High2026-05-27
CVE-2026-48153 Budibase: SSRF via OAuth2 token endpoint URL reaches internal hosts and cloud metadata — budibaseCWE-918 8.5 High2026-05-27
CVE-2026-45061 Budibase: SSRF via trivial `.tar.gz` substring bypass in Plugin URL upload (`/api/plugin`) — budibaseCWE-918 7.7 High2026-05-27
CVE-2026-42239 Budibase auth session cookies are set with httpOnly:false — any XSS can lead to full account takeover — budibaseCWE-1004 8.1 High2026-05-07
CVE-2026-41428 Budibase: Authentication Bypass via Unanchored Regex in Public Endpoint Matcher — Unauthenticated Access to Protected Endpoints — budibaseCWE-287 9.1 Critical2026-04-24
CVE-2026-35218 Budibase: Stored XSS via unsanitized entity names rendered with {@html} in Builder Command Palette — budibaseCWE-79 8.7 High2026-04-03
CVE-2026-35216 Budibase: Unauthenticated Remote Code Execution via Webhook Trigger and Bash Automation Step — budibaseCWE-78 9.1 Critical2026-04-03
CVE-2026-35214 Budibase: Path traversal in plugin file upload enables arbitrary directory deletion and file write — budibaseCWE-22 8.7 High2026-04-03
CVE-2026-31818 Budibase: Server-Side Request Forgery via REST Connector with Empty Default Blacklist — budibaseCWE-918 9.6 Critical2026-04-03
CVE-2026-25044 Budibase: Command Injection in Bash Automation Step — budibaseCWE-78 8.8AIHighAI2026-04-03
CVE-2026-25043 Budibase: Unauthenticated Password Reset Endpoint Lacks Rate Limiting, Enabling Email Flooding — budibaseCWE-770 5.3 Medium2026-04-03
CVE-2026-33226 Budibase Unrestricted Server-Side Request Forgery (SSRF) via REST Datasource Query Preview — budibaseCWE-918 8.7 High2026-03-20
CVE-2026-31816 Budibase Universal Auth Bypass via Webhook Query Param Injection — budibaseCWE-74 9.1 Critical2026-03-09

This page lists every published CVE security advisory associated with Budibase. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.