Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

NVD
NVDadded 2026/05/27 6:16 p.m.13 views

CVE-2026-48153

Budibase is an open-source low-code platform. Prior to 3.39.0, fetchToken in the OAuth2 SDK makes a POST to a builder-supplied URL with plain node-fetch, skipping the blacklist.isBlacklisted check that every other outbound fetch path in the codebase uses. The Joi schema for the OAuth2 URL has no...

8.5CVSS0.00174EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/05/27 12:0 a.m.8 views

PT-2026-44064

Name of the Vulnerable Software and Affected Versions Budibase versions prior to 3.39.0 Description The fetchToken function in the OAuth2 SDK performs a POST request to a URL provided by the builder using node-fetch. This process bypasses the isBlacklisted check used by all other outbound fetch...

8.5CVSS5.8AI score0.00174EPSS
Exploits0References6
BDU FSTEC
BDU FSTECadded 2017/08/18 12:0 a.m.3 views

The vulnerability of the Oniguruma library, related to incorrect handling of numbers, allows attackers to cause memory corruption.

The vulnerability of the Oniguruma library arises from the incorrect processing of numbers greater than 0xff in the functions fetchtoken and fetchtokenincc during the compilation of regular expressions. Exploiting this vulnerability allows a remote attacker to cause a memory corruption by using a...

7.5CVSS7AI score0.07511EPSS
Exploits1References4Affected Software3
Rows per page
Query Builder