3 matches found
CVE-2026-45718 Budibase: Row Action Trigger Bypasses View Row Filter Security Boundary Allowing Action on Out-of-Scope Rows
Budibase is an open-source low-code platform. Prior to 3.38.1, the row action trigger endpoint POST /api/tables/:sourceId/actions/:actionId/trigger fails to validate that the user-supplied rowId is within the scope of the view's row filters. A user with access to a filtered view can trigger row...
CVE-2026-34176 Knowledge Appliance mode iControl REST vulnerability
When running in Appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support EoTS are not...
CVE-2026-23812
Technical details (vulnerable products, affected versions, or exploit specifics) are not publicly available in the provided documents. Monitor for updates from NVD/Red Hat/ENISA and vendor advisories.