Known Vulnerabilities for User Role by Bestwebsoft
Listed below are 3 of the newest known vulnerabilities associated with "User Role" by "Bestwebsoft".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-49095 json | Improper Input Validation (CWE-20) in the Kibana Fleet agent policy management feature can lead to privilege escalation. An a... | Not Provided | 2026-05-28 | 2026-05-30 |
| CVE-2026-48152 json | Budibase is an open-source low-code platform. Prior to 3.39.0, the single-datasource GET and PUT routes are guarded by generi... | Not Provided | 2026-05-27 | 2026-05-27 |
| CVE-2026-48150 json | Budibase is an open-source low-code platform. Prior to 3.39.0, /api/public/v1/roles/assign is guarded by the builderOrAdmin m... | Not Provided | 2026-05-27 | 2026-05-27 |
| CVE-2026-48146 json | Budibase is an open-source low-code platform. Prior to 3.39.0, the OAuth2 token fetch function in packages/server/src/sdk/wor... | Not Provided | 2026-05-27 | 2026-05-28 |
| CVE-2026-47742 json | Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, Sub-form Livewire components used in the product editor (Edit, ... | Not Provided | 2026-05-29 | 2026-05-29 |
| CVE-2026-47102 json | LiteLLM prior to 1.83.10 allows a user to modify their own user_role via the /user/update endpoint. While the endpoint correc... | Not Provided | 2026-05-21 | 2026-05-22 |
| CVE-2026-47101 json | LiteLLM prior to 1.83.14 allows an authenticated internal_user to create API keys with access to routes that their role does ... | Not Provided | 2026-05-21 | 2026-05-22 |
| CVE-2026-46427 json | Budibase is an open-source low-code platform. Prior to 3.38.3, removeSecrets at packages/server/src/sdk/workspace/datasources... | Not Provided | 2026-05-27 | 2026-05-28 |
| CVE-2026-46425 json | Budibase is an open-source low-code platform. Prior to 3.38.2, packages/worker/src/api/routes/global/scim.ts attaches only tw... | Not Provided | 2026-05-27 | 2026-05-28 |
| CVE-2026-46424 json | Budibase is an open-source low-code platform. Prior to 3.38.2, the public API role unassignment endpoint (POST /api/public/v1... | Not Provided | 2026-05-27 | 2026-05-28 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Bestwebsoft | User Role | 1.6.1 | |||
| Application | Bestwebsoft | User Role | 1.6.0 | |||
| Application | Bestwebsoft | User Role | 1.5.9 | |||
| Application | Bestwebsoft | User Role | 1.5.8 | |||
| Application | Bestwebsoft | User Role | 1.5.7 | |||
| Application | Bestwebsoft | User Role | 1.5.6 | |||
| Application | Bestwebsoft | User Role | 1.5.5 | |||
| Application | Bestwebsoft | User Role | 1.5.4 | |||
| Application | Bestwebsoft | User Role | 1.5.3 | |||
| Application | Bestwebsoft | User Role | 1.5.2 | |||
| Application | Bestwebsoft | User Role | 1.5.1 | |||
| Application | Bestwebsoft | User Role | 1.5.0 | |||
| Application | Bestwebsoft | User Role | 1.4.9 | |||
| Application | Bestwebsoft | User Role | 1.4.8 | |||
| Application | Bestwebsoft | User Role | 1.4.7 | |||
| Application | Bestwebsoft | User Role | 1.4.6 | |||
| Application | Bestwebsoft | User Role | 1.4.5 | |||
| Application | Bestwebsoft | User Role | 1.4.4 | |||
| Application | Bestwebsoft | User Role | 1.4.3 | |||
| Application | Bestwebsoft | User Role | 1.4.2 |