7 matches found
GHSA-7PJR-QPVH-M339 Fission builder accepts arbitrary buildcmd strings from Environment.spec.builder.command, allowing the builder pod to invoke arbitrary executables
Summary Before the round-1 security sweep, pkg/builder/builder.go passed Environment.spec.builder.command directly into exec.Command... after a strings.Fields split, with no validation of the executable path or its arguments. A user who could create or update Environment CRDs in a namespace...
PT-2026-42688
Summary Before the round-1 security sweep, pkg/builder/builder.go passed Environment.spec.builder.command directly into exec.Command... after a strings.Fields split, with no validation of the executable path or its arguments. A user who could create or update Environment CRDs in a namespace...
CVE-2026-35218 Budibase: Stored XSS via unsanitized entity names rendered with {@html} in Builder Command Palette
Budibase is an open-source low-code platform. Prior to version 3.32.5, Budibase's Builder Command Palette renders entity names (tables, views, queries, automations) using Svelte's @html directive without any sanitization. An authenticated user with Builder access can create a table, automation, vie...
CVE-2026-35218
Budibase (open‑source low-code platform) prior to version 3.32.5 is affected by a Stored XSS in the Builder Command Palette. The vulnerability arises because entity names (tables, views, queries, automations) are rendered using Svelte’s {@html} without sanitization, allowing an authenticated Buil...
PT-2026-30193
Name of the Vulnerable Software and Affected Versions: Budibase versions prior to 3.32.5. Description: Budibase, an open-source low-code platform, had a critical issue in its Builder Command Palette. Before version 3.32.5, entity names (tables, views, queries, automations) were rendered using Svelte's...
CVE-2024-7387
OpenShift CVE-2024-7387 is a symlink-traversal/path traversal vulnerability in the openshift/builder docker build path. A privileged build container can have its destinationDir override a symlink (e.g., usr_bin -> /usr/bin), enabling overwriting of system binaries like /usr/bin/cp and executio...