EUVD-2026-32586

Budibase is an open-source low-code platform. Prior to 3.35.10, the Plugin URL upload endpoint POST /api/plugin validates the submitted URL with a single substring check: url.includes".tar.gz". Any URL containing .tar.gz anywhere in the string — in the path, query string, or fragment — passes thi...

CVE-2026-8405

creationtimestamp| type| source ---|---|--- 2026-05-27 16:43:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmtxbyzjvx2t...

CVE-2026-9617

creationtimestamp| type| source ---|---|--- 2026-05-27 16:38:35+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmtwz2lusu2v...

CVE-2026-46624

creationtimestamp| type| source ---|---|--- 2026-05-27 16:37:41+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mmtwwhceoy2u...

CVE-2026-9035

creationtimestamp| type| source ---|---|--- 2026-05-27 16:33:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmtwq45msb2p...

CVE-2026-7097

creationtimestamp| type| source ---|---|--- 2026-05-27 16:07:10+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mmtvavp63q2h...

EUVD-2026-32555

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, PCF NpcfSMPolicyControl missing authentication middleware allows unauthenticated access to SM policy handlers and disclosure of subscriber SUPI. In NewServer, the smPolicyGroup route group is created and routes are...

EUVD-2026-32554

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the free5GC UDM component fails to validate the supi path parameter in six GET handlers of the nudm-sdm Subscriber Data Management service. An unauthenticated attacker can inject control characters into the SUPI...

CVE-2026-5065

creationtimestamp| type| source ---|---|--- 2026-05-27 15:49:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmtuc2pe452r 2026-06-02 20:37:05+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mndh54j3t22r...

CVE-2026-49982

creationtimestamp| type| source ---|---|--- 2026-05-27 15:48:27+00:00| published-proof-of-concept| https://github.com/raszi/node-tmp/security/advisories/GHSA-7c78-jf6q-g5cm 2026-06-11 18:00:52+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnzslz7nzj25 2026-06-15...

CVE-2026-46035

creationtimestamp| type| source ---|---|--- 2026-05-27 15:40:07+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116647290931030330...

CVE-2026-45975

creationtimestamp| type| source ---|---|--- 2026-05-27 15:27:11+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116647240072146475...

CVE-2026-8180

creationtimestamp| type| source ---|---|--- 2026-05-27 15:00:44+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmtrk46pay2w 2026-05-27 16:28:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmtwh5k77q2k...

CVE-2026-45912

creationtimestamp| type| source ---|---|--- 2026-05-27 15:00:13+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116647133965743789...

CVE-2026-48902

creationtimestamp| type| source ---|---|--- 2026-05-27 14:35:37+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mmtq56q4l22q...

CVE-2026-48903

creationtimestamp| type| source ---|---|--- 2026-05-27 14:35:37+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mmtq56q4l22q...

CVE-2026-48905

creationtimestamp| type| source ---|---|--- 2026-05-27 14:35:37+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mmtq56q4l22q...

CVE-2026-48898

creationtimestamp| type| source ---|---|--- 2026-05-27 14:35:36+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mmtq56q4l22q 2026-06-22 05:31:52+00:00| seen| https://bsky.app/profile/securitycyberuk.bsky.social/post/3mou5uunp2t2b...

CVE-2026-48900

creationtimestamp| type| source ---|---|--- 2026-05-27 14:35:36+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mmtq56q4l22q...

CVE-2026-48896

creationtimestamp| type| source ---|---|--- 2026-05-27 14:35:35+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mmtq56q4l22q...