2 matches found
Budibase - Authentication Bypass
Budibase = 3.31.4 contains an authentication bypass caused by unanchored regex in authorized middleware matching webhook path patterns in query strings, letting unauthenticated remote attackers access any server-side API endpoint, exploit requires crafted request with webhook pattern in URL. id:...
CLEANSTART-2026-JI10303 Security fixes for CVE-2026-33186, ghsa-p77j-4mvh-x3m3 applied in versions: 3.31.4-r0
Multiple security vulnerabilities affect the calico package. These issues are resolved in later releases. See references for individual vulnerability details...