89 matches found
CVE-2026-32237
Backstage is an open framework for building developer portals. Prior to 3.1.5, authenticated users with permission to execute scaffolder dry-runs can gain access to server-configured environment secrets through the dry-run API response. Secrets are properly redacted in log output but not in all...
CVE-2026-32237
Backstage is an open framework for building developer portals. Prior to 3.1.5, authenticated users with permission to execute scaffolder dry-runs can gain access to server-configured environment secrets through the dry-run API response. Secrets are properly redacted in log output but not in all...
CVE-2026-32237 @backstage/plugin-scaffolder-backend: Possible exposure of defaultEnvironment secrets using dry-run endpoint
Backstage is an open framework for building developer portals. Prior to 3.1.5, authenticated users with permission to execute scaffolder dry-runs can gain access to server-configured environment secrets through the dry-run API response. Secrets are properly redacted in log output but not in all...
CVE-2026-32237 @backstage/plugin-scaffolder-backend: Possible exposure of defaultEnvironment secrets using dry-run endpoint
Backstage is an open framework for building developer portals. Prior to 3.1.5, authenticated users with permission to execute scaffolder dry-runs can gain access to server-configured environment secrets through the dry-run API response. Secrets are properly redacted in log output but not in all...
CVE-2026-32237
Backstage vulnerability CVE-2026-32237 affects the @backstage/plugin-scaffolder-backend prior to 3.1.5. Authenticated users with permission to run scaffolder dry-runs can access server-configured environment secrets via the dry-run API response; secrets are redacted in logs but not in all respons...
CVE-2026-32237 @backstage/plugin-scaffolder-backend: Possible exposure of defaultEnvironment secrets using dry-run endpoint
Backstage is an open framework for building developer portals. Prior to 3.1.5, authenticated users with permission to execute scaffolder dry-runs can gain access to server-configured environment secrets through the dry-run API response. Secrets are properly redacted in log output but not in all...
EUVD-2026-11675
@backstage/plugin-scaffolder-backend: Possible exposure of defaultEnvironment secrets using dry-run endpoint...
Exposure of Sensitive System Information to an Unauthorized Control Sphere
Overview @backstage/plugin-scaffolder-backend is a The Backstage backend plugin that helps you create new things Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via the dry-run endpoint when secrets configured in...
GHSA-8WQ8-6859-QX77 @backstage/plugin-scaffolder-backend: Possible exposure of defaultEnvironment secrets using dry-run endpoint
Impact Authenticated users with permission to execute scaffolder dry-runs can gain access to server-configured environment secrets through the dry-run API response. Secrets are properly redacted in log output but not in all parts of the response payload. Deployments that have configured...
@backstage/plugin-scaffolder-backend: Possible exposure of defaultEnvironment secrets using dry-run endpoint
Impact Authenticated users with permission to execute scaffolder dry-runs can gain access to server-configured environment secrets through the dry-run API response. Secrets are properly redacted in log output but not in all parts of the response payload. Deployments that have configured...
PT-2026-25053
Name of the Vulnerable Software and Affected Versions Backstage versions prior to 3.1.5 Description Backstage is an open framework for building developer portals. Authenticated users with permission to execute scaffolder dry-runs can gain access to server-configured environment secrets through th...
EUVD-2026-10357
Budibase is a low code platform for creating internal tools, workflows, and admin panels. In 3.31.5 and earlier, a path traversal vulnerability in the PWA Progressive Web App ZIP processing endpoint POST /api/pwa/process-zip allows an authenticated user with builder privileges to read arbitrary...
CVE-2026-30240 Budibase PWA ZIP Upload Path Traversal Allows Reading Arbitrary Server Files Including All Environment Secrets
Budibase is a low code platform for creating internal tools, workflows, and admin panels. In 3.31.5 and earlier, a path traversal vulnerability in the PWA Progressive Web App ZIP processing endpoint POST /api/pwa/process-zip allows an authenticated user with builder privileges to read arbitrary...
CVE-2026-30240 Budibase PWA ZIP Upload Path Traversal Allows Reading Arbitrary Server Files Including All Environment Secrets
Budibase is a low code platform for creating internal tools, workflows, and admin panels. In 3.31.5 and earlier, a path traversal vulnerability in the PWA Progressive Web App ZIP processing endpoint POST /api/pwa/process-zip allows an authenticated user with builder privileges to read arbitrary...
CVE-2026-30240
Budibase PWA ZIP upload path traversal (CVE-2026-30240) affects Budibase 3.31.5 and earlier. Affected component: PWA ZIP processing endpoint at POST /api/pwa/process-zip. Root cause: unsanitized usage of path.join() with user-controlled input from icons.json inside the uploaded ZIP allowing an au...
CVE-2026-30240 Budibase PWA ZIP Upload Path Traversal Allows Reading Arbitrary Server Files Including All Environment Secrets
Budibase is a low code platform for creating internal tools, workflows, and admin panels. In 3.31.5 and earlier, a path traversal vulnerability in the PWA Progressive Web App ZIP processing endpoint POST /api/pwa/process-zip allows an authenticated user with builder privileges to read arbitrary...
GHSA-H343-GG57-2Q67 OneUpTime's Unsandboxed Code Execution in Probe Allows Any Project Member to Achieve RCE
Summary OneUptime allows project members to run custom Playwright/JavaScript code via Synthetic Monitors to test websites. However, the system executes this untrusted user code inside the insecure Node.js vm module. By leveraging a standard prototype-chain escape this.constructor.constructor, an...
CVE-2026-28216
hoppscotch is an open source API development ecosystem. Prior to version 2026.2.0, any logged-in user can read, modify or delete another user's personal environment by ID. user-environments.resolver.ts:82-109, updateUserEnvironment mutation uses @UseGuardsGqlAuthGuard but is missing the @GqlUser...
EUVD-2026-8913
hoppscotch is an open source API development ecosystem. Prior to version 2026.2.0, any logged-in user can read, modify or delete another user's personal environment by ID. user-environments.resolver.ts:82-109, updateUserEnvironment mutation uses @UseGuardsGqlAuthGuard but is missing the @GqlUser...
EUVD-2026-8646
Budibase: Remote Code Execution via Unsafe eval in View Filter Map Function Budibase Cloud...