Known Vulnerabilities for products from Budibase
Listed below are 8 of the newest known vulnerabilities associated with the vendor "Budibase".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-35218 json | Not Provided | 2026-04-03 | 2026-04-03 | |
| CVE-2026-35216 json | Budibase is an open-source low-code platform. Prior to version 3.33.4, an unauthenticated attacker can achieve Remote Code Ex... | Not Provided | 2026-04-03 | 2026-04-08 |
| CVE-2026-35214 json | Budibase is an open-source low-code platform. Prior to version 3.33.4, the plugin file upload endpoint (POST /api/plugin/uplo... | Not Provided | 2026-04-03 | 2026-04-08 |
| CVE-2026-31818 json | Budibase is an open-source low-code platform. Prior to version 3.33.4, a server-side request forgery (SSRF) vulnerability exi... | Not Provided | 2026-04-03 | 2026-04-08 |
| CVE-2026-25044 json | Budibase is an open-source low-code platform. Prior to version 3.33.4, the bash automation step executes user-provided comman... | Not Provided | 2026-04-03 | 2026-04-08 |
| CVE-2026-25043 json | Budibase is an open-source low-code platform. Prior to version 3.23.25, a business logic vulnerability exists in Budibase’s... | Not Provided | 2026-04-03 | 2026-04-21 |
| CVE-2023-29010 json | Budibase is a low code platform for creating internal tools, workflows, and admin panels. Versions prior to 2.4.3 (07 March 2... | 6.5 - MEDIUM | 2023-04-06 | 2023-04-14 |
| CVE-2022-3225 json | Improper Control of Dynamically-Managed Code Resources in GitHub repository budibase/budibase prior to 1.3.20. | 5.7 - MEDIUM | 2022-09-16 | 2023-08-02 |