Lucene search
K

25 matches found

NVD
NVD
added 2026/06/26 9:16 p.m.10 views

CVE-2026-50137

Budibase is an open-source low-code platform. Prior to 3.39.0, an anonymous attacker who knows or can enumerate a workspace id app... and an S3-source datasource id ds... can call this endpoint with no auth and obtain a 15-minute pre-signed PUT URL minted on the victim's IAM identity. The endpoin...

9.4CVSS0.00415EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 8:41 p.m.9 views

CVE-2026-50137

Budibase is an open-source low-code platform. Prior to 3.39.0, an anonymous attacker who knows or can enumerate a workspace id app... and an S3-source datasource id ds... can call this endpoint with no auth and obtain a 15-minute pre-signed PUT URL minted on the victim's IAM identity. The endpoin...

9.4CVSS5.8AI score0.00415EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/06/26 8:41 p.m.39 views

CVE-2026-50137

Budibase prior to 3.39.0 is affected by CVE-2026-50137: unauthenticated POST /api/attachments/:datasourceId/url allows anonymous callers to mint 15-minute AWS S3 pre-signed PUT URLs using the datasource’s IAM credentials, with the bucket not pinned to the datasource. The attack discloses the targ...

9.4CVSS5.8AI score0.00415EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/26 8:36 p.m.7 views

CVE-2026-50136

Budibase is an open-source low-code platform. Prior to 3.39.3, the application server exposes an unauthenticated endpoint that generates S3 PutObject presigned URLs using credentials stored in a workspace datasource. The route is protected only by the recaptcha middleware and does not require...

7.4CVSS5.8AI score0.0029EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/22 11:19 p.m.11 views

Budibase: POST /api/attachments/:datasourceId/url is unauthenticated and lets anonymous callers mint S3 PUT pre-signed URLs using stored datasource IAM credentials

Summary The Budibase server route POST /api/attachments/:datasourceId/url packages/server/src/api/routes/static.ts is registered with only the recaptcha middleware. There is no authorized... middleware in the chain. The controller...

9.4CVSS6AI score0.00415EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/06/22 11:19 p.m.7 views

GHSA-35C4-RVC8-FRHM Budibase: POST /api/attachments/:datasourceId/url is unauthenticated and lets anonymous callers mint S3 PUT pre-signed URLs using stored datasource IAM credentials

Summary The Budibase server route POST /api/attachments/:datasourceId/url packages/server/src/api/routes/static.ts is registered with only the recaptcha middleware. There is no authorized... middleware in the chain. The controller...

9.4CVSS6AI score0.00415EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2026/01/28 12:0 a.m.172 views

📄 Papermark 0.20.0 Path Traversal

Papermark version 0.20.0 suffers from an authenticated path traversal vulnerability. // Exploit Title: Papermark 0.20.0 - Path Traversal Authenticated // Date: 2026-01-28 // Exploit Author: Eui Chul Chung // Vendor Homepage: https://www.papermark.com/ // Software Link:...

6.5CVSS5.9AI score0.00645EPSS
Exploits1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-25304

Malicious code in bioql PyPI...

5.8CVSS6AI score0.00336EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/24 12:28 a.m.17 views

CVE-2025-57682

Directory Traversal vulnerability in Papermark 0.20.0 and prior allows authenticated attackers to retrieve arbitrary files from an S3 bucket through its CloudFront distribution via the "POST /api/file/s3/get-presigned-get-url-proxy" API...

6.5CVSS6.9AI score0.00645EPSS
Exploits1References1
NVD
NVD
added 2025/09/22 4:15 p.m.7 views

CVE-2025-57682

Directory Traversal vulnerability in Papermark 0.20.0 and prior allows authenticated attackers to retrieve arbitrary files from an S3 bucket through its CloudFront distribution via the "POST /api/file/s3/get-presigned-get-url-proxy" API...

6.5CVSS0.00645EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/09/22 12:0 a.m.5 views

PT-2025-38726

Name of the Vulnerable Software and Affected Versions Papermark versions prior to 0.20.0 Description An issue exists in Papermark that allows authenticated attackers to retrieve arbitrary files from an S3 bucket through its CloudFront distribution. This is possible via the 'POST...

6.5CVSS6.6AI score0.00645EPSS
Exploits1References5
CVE
CVE
added 2025/09/22 12:0 a.m.23 views

CVE-2025-57682

Papermark 0.20.0 and earlier versions contain an authenticated path traversal vulnerability. An attacker can abuse the POST /api/file/s3/get-presigned-get-url-proxy endpoint to retrieve arbitrary files from the associated S3 bucket by manipulating the key parameter (as shown in the PacketStorm ex...

6.5CVSS6.5AI score0.00645EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2025/09/22 12:0 a.m.9 views

CVE-2025-57682

Directory Traversal vulnerability in Papermark 0.20.0 and prior allows authenticated attackers to retrieve arbitrary files from an S3 bucket through its CloudFront distribution via the "POST /api/file/s3/get-presigned-get-url-proxy" API...

0.00645EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/23 9:55 a.m.11 views

CVE-2024-28174

In JetBrains TeamCity before 2023.11.4 presigned URL generation requests in S3 Artifact Storage plugin were authorized improperly...

5.8CVSS7AI score0.00336EPSS
Exploits0References1
NVD
NVD
added 2024/03/06 5:15 p.m.16 views

CVE-2024-28174

In JetBrains TeamCity before 2023.11.4 presigned URL generation requests in S3 Artifact Storage plugin were authorized improperly...

5.8CVSS5.7AI score0.00336EPSS
Exploits0References1
OSV
OSV
added 2024/03/06 5:15 p.m.4 views

CVE-2024-28174

In JetBrains TeamCity before 2023.11.4 presigned URL generation requests in S3 Artifact Storage plugin were authorized improperly...

5.8CVSS5.8AI score0.00336EPSS
Exploits0References1
Prion
Prion
added 2024/03/06 5:15 p.m.19 views

Code injection

In JetBrains TeamCity before 2023.11.4 presigned URL generation requests in S3 Artifact Storage plugin were authorized improperly...

5CVSS7.2AI score0.00336EPSS
Exploits0References1
CVE
CVE
added 2024/03/06 4:52 p.m.70 views

CVE-2024-28174

CVE-2024-28174 affects JetBrains TeamCity (pre-2023.11.4) via the S3 Artifact Storage plugin. The root cause is improper authorization of presigned URL generation requests, allowing a remote attacker to bypass existing security restrictions. The public descriptions consistently state the issue af...

5.8CVSS5.7AI score0.00336EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/06 4:52 p.m.12 views

CVE-2024-28174

In JetBrains TeamCity before 2023.11.4 presigned URL generation requests in S3 Artifact Storage plugin were authorized improperly...

5.8CVSS7AI score0.00336EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/06 4:52 p.m.22 views

CVE-2024-28174

In JetBrains TeamCity before 2023.11.4 presigned URL generation requests in S3 Artifact Storage plugin were authorized improperly...

5.8CVSS5.9AI score0.00336EPSS
Exploits0References1
Rows per page
Query Builder