Lucene search
K

12134 matches found

Patchstack
Patchstack
added 2026/05/28 4:44 p.m.9 views

WordPress Easy Form Builder plugin <= 4.0.6 - SQL Injection vulnerability

SQL Injection vulnerability discovered by kai63001 in WordPress Plugin Easy Form Builder versions = 4.0.6...

9.3CVSS5.9AI score0.00236EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/27 8:14 p.m.18 views

CVE-2026-9366

A vulnerability was found in NousResearch hermes-agent 2026.4.23. The impacted element is the function scancontextcontent of the file agent/promptbuilder.py. The manipulation results in injection. The attack may be performed from remote. The exploit has been made public and could be used. The...

7.5CVSS6.7AI score0.00305EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 6:21 p.m.14 views

CVE-2026-44635 Kysely: JSON-path traversal injection via unsanitized path-leg metacharacters in `JSONPathBuilder.key()` / `.at()`

Kysely is a type-safe TypeScript SQL query builder. From 0.26.0 to 0.28.16, DefaultQueryCompiler.visitJSONPathLeg does not escape JSON-path metacharacters ., , , , , ?. When attacker-controlled input flows into eb.refcol, '-$'.keyinput or .atinput — including type-safe code where the JSON column ...

7.5CVSS5.9AI score0.00362EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 6:16 p.m.20 views

CVE-2026-48150

Budibase is an open-source low-code platform. Prior to 3.39.0, /api/public/v1/roles/assign is guarded by the builderOrAdmin middleware, which passes any user who is a builder for the app id in the x-budibase-app-id header. That check admits both global builders and workspace-scoped builders...

9CVSS0.00292EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 6:16 p.m.23 views

CVE-2026-48148

Budibase is an open-source low-code platform. Prior to 3.35.3, the VectorDB configuration endpoint in Budibase accepts a host parameter that undergoes no validation against internal IP ranges, reserved hostnames, or URL schemes. Any authenticated user with builder-level access can supply an...

5.3CVSS0.00226EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 6:16 p.m.22 views

CVE-2026-48146

Budibase is an open-source low-code platform. Prior to 3.39.0, the OAuth2 token fetch function in packages/server/src/sdk/workspace/oauth2/utils.ts uses raw fetchconfig.url with no SSRF protection. The safe wrapper fetchWithBlacklist exists in the same codebase and is used in every other outbound...

7.7CVSS0.00217EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 6:16 p.m.17 views

CVE-2026-45719

Budibase is an open-source low-code platform. Prior to 3.38.1, the V1 Views API POST /api/views accepts a calculation parameter from the request body that is interpolated directly into a CouchDB reduce function definition without validation. Although an internal SCHEMAMAP object defines the valid...

6.5CVSS0.00263EPSS
Exploits0References2
NVD
NVD
added 2026/05/27 6:16 p.m.15 views

CVE-2026-45716

Budibase is an open-source low-code platform. Prior to 3.38.1, the POST /api/global/users/onboard endpoint is protected by workspaceBuilderOrAdmin middleware, allowing any user with builder permissions to access it. When SMTP email is not configured the default for self-hosted Budibase instances,...

8.8CVSS0.00261EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/27 5:12 p.m.15 views

CVE-2026-48148 Budibase: Unvalidated VectorDB Host Parameter Enables SSRF

Budibase is an open-source low-code platform. Prior to 3.35.3, the VectorDB configuration endpoint in Budibase accepts a host parameter that undergoes no validation against internal IP ranges, reserved hostnames, or URL schemes. Any authenticated user with builder-level access can supply an...

5.3CVSS5.9AI score0.00226EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 5:12 p.m.20 views

CVE-2026-48148

Budibase prior to 3.35.3 exposes an unvalidated VectorDB host parameter in its configuration endpoint. An authenticated builder-level user can supply a host like 169.254.169.254 or localhost, allowing the server to initiate outbound TCP connections to internal network addresses or cloud metadata ...

5.3CVSS5.9AI score0.00226EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 5:12 p.m.9 views

CVE-2026-48148

Budibase is an open-source low-code platform. Prior to 3.35.3, the VectorDB configuration endpoint in Budibase accepts a host parameter that undergoes no validation against internal IP ranges, reserved hostnames, or URL schemes. Any authenticated user with builder-level access can supply an...

5.3CVSS5.9AI score0.00226EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/27 5:10 p.m.44 views

CVE-2026-45715 Budibase: SSRF Bypass via HTTP Redirect in REST Datasource Integration

Budibase is an open-source low-code platform. Prior to 3.38.1, the REST datasource integration packages/server/src/integrations/rest.ts follows HTTP redirects without re-checking the IP blacklist, allowing an authenticated Builder to access internal services cloud metadata, databases by redirecti...

7.7CVSS0.00258EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/27 5:10 p.m.12 views

EUVD-2026-32603

Budibase is an open-source low-code platform. Prior to 3.38.1, the REST datasource integration packages/server/src/integrations/rest.ts follows HTTP redirects without re-checking the IP blacklist, allowing an authenticated Builder to access internal services cloud metadata, databases by redirecti...

7.7CVSS5.8AI score0.00258EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/27 5:9 p.m.10 views

CVE-2026-45716

Budibase is an open-source low-code platform. Prior to 3.38.1, the POST /api/global/users/onboard endpoint is protected by workspaceBuilderOrAdmin middleware, allowing any user with builder permissions to access it. When SMTP email is not configured the default for self-hosted Budibase instances,...

8.8CVSS6AI score0.00261EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/05/27 5:9 p.m.39 views

CVE-2026-45716 Budibase: Builder-to-Admin Privilege Escalation via onboardUsers Endpoint Without SMTP Configuration

Budibase is an open-source low-code platform. Prior to 3.38.1, the POST /api/global/users/onboard endpoint is protected by workspaceBuilderOrAdmin middleware, allowing any user with builder permissions to access it. When SMTP email is not configured the default for self-hosted Budibase instances,...

8.8CVSS0.00261EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/27 5:9 p.m.17 views

EUVD-2026-32602

Budibase is an open-source low-code platform. Prior to 3.38.1, the POST /api/global/users/onboard endpoint is protected by workspaceBuilderOrAdmin middleware, allowing any user with builder permissions to access it. When SMTP email is not configured the default for self-hosted Budibase instances,...

8.8CVSS6AI score0.00261EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/27 5:9 p.m.40 views

CVE-2026-45717 Budibase: `PUT /api/datasources/:datasourceId` is protected only by `TABLE/READ` permission instead of builder access, allowing any authenticated app user to overwrite datasource connection parameters including host, port, and URL.

Budibase is an open-source low-code platform. Prior to 3.38.1, Budibase exposes a REST API for datasource management. The route PUT /api/datasources/:datasourceId is registered in the authorizedRoutes group with TABLE/READ permission. This is the same authorization level as the read endpoint GET...

8.8CVSS0.00251EPSS
Exploits0References2
CVE
CVE
added 2026/05/27 5:9 p.m.15 views

CVE-2026-45717

Budibase (prior to 3.38.1) exposed PUT /api/datasources/:datasourceId under TABLE/READ authorization, allowing any authenticated user with BASIC or higher to overwrite a datasource’s config (host, port, database, URL, credentials). The update merges attacker-controlled fields without builder-leve...

8.8CVSS6AI score0.00251EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/27 5:7 p.m.9 views

CVE-2026-45719 Budibase: CouchDB Reduce Injection via Unsanitized Calculation Parameter in V1 Views API

Budibase is an open-source low-code platform. Prior to 3.38.1, the V1 Views API POST /api/views accepts a calculation parameter from the request body that is interpolated directly into a CouchDB reduce function definition without validation. Although an internal SCHEMAMAP object defines the valid...

6.5CVSS6AI score0.00263EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/27 5:7 p.m.41 views

CVE-2026-45719 Budibase: CouchDB Reduce Injection via Unsanitized Calculation Parameter in V1 Views API

Budibase is an open-source low-code platform. Prior to 3.38.1, the V1 Views API POST /api/views accepts a calculation parameter from the request body that is interpolated directly into a CouchDB reduce function definition without validation. Although an internal SCHEMAMAP object defines the valid...

6.5CVSS0.00263EPSS
Exploits0References2
Rows per page
Query Builder