PT-2026-45654

Kiteworks is a private data network PDN. Prior to version 9.3.0,ultiple SQL Injection vulnerabilities in Kiteworks Secure Data Forms could be exploited by an authenticated attacker with the FormBuilder role to retrieve information on or modify other users' form definitions and some global...

CVE-2026-48146

Budibase is an open-source low-code platform. Prior to 3.39.0, the OAuth2 token fetch function in packages/server/src/sdk/workspace/oauth2/utils.ts uses raw fetchconfig.url with no SSRF protection. The safe wrapper fetchWithBlacklist exists in the same codebase and is used in every other outbound...

CVE-2026-48146

Budibase is an open-source low-code platform. Prior to 3.39.0, the OAuth2 token fetch function in packages/server/src/sdk/workspace/oauth2/utils.ts uses raw fetchconfig.url with no SSRF protection. The safe wrapper fetchWithBlacklist exists in the same codebase and is used in every other outbound...

CVE-2026-48146 Budibase: SSRF via OAuth2 Config Validation — Missing fetchWithBlacklist Protection

Budibase is an open-source low-code platform. Prior to 3.39.0, the OAuth2 token fetch function in packages/server/src/sdk/workspace/oauth2/utils.ts uses raw fetchconfig.url with no SSRF protection. The safe wrapper fetchWithBlacklist exists in the same codebase and is used in every other outbound...

PT-2026-44057

Name of the Vulnerable Software and Affected Versions Budibase versions prior to 3.39.0 Description The OAuth2 token fetch function in packages/server/src/sdk/workspace/oauth2/utils.ts uses a raw fetchconfig.url call without Server-Side Request Forgery SSRF protection. SSRF is a flaw that allows ...

Budibase 代码问题漏洞

Budibase is an open-source platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.39.0 contained code-related vulnerabilities. These vulnerabilities stemmed from the OAuth2 tok...

Arbitrary Code Injection

Overview @budibase/server is a Budibase Web Server Affected versions of this package are vulnerable to Arbitrary Code Injection via the calculation parameter in the V1 Views API, which is interpolated directly into a CouchDB reduce function without validation. An attacker can execute arbitrary...

Dust: Privilege Escalation in Edit and Create Secret Endpoints Leads to Unauthorized Secret Modification

The vulnerability allows a user with the Builder role to list all existing secret names, create new secrets, and overwrite existing secrets by using the same name. This behavior violates permission boundaries and leads to privilege escalation and unauthorized access to sensitive data...