Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
0.0 NA
CVE-2026-42197 — RELATE Vulnerable to Stored XSS via Unprivileged User Profile

RELATE is a web-based courseware package. Versions prior to commit 555f0efb1c5bd7531c07cd73724d7e566a81f620 have a stored cross-site scripting vulnerability that allows any enrolled student to execut…

| Cross-Site Scripting
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
8.5 HIGH
CVE-2026-5509 — Arbitrary Command Injection via Browser Developer Console in TP-Link Archer BE450 and BE7…

An authenticated command injection vulnerability exists in the Archer BE450 v1 and BE7200 v1 router that allows an administrator to execute arbitrary system commands through the web management interf…

| Injection
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
6.9 MEDIUM
CVE-2026-4392 — TeamSpeak 3 Server clientek Handshake assertion

A vulnerability was detected in TeamSpeak 3 Server up to 3.13.7. This issue affects some unknown processing of the component clientek Handshake Handler. Performing a manipulation of the argument proo…

Remote | Denial of Service
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
6.9 MEDIUM
CVE-2026-4391 — TeamSpeak 3 Server ECC Key heap-based overflow

A security vulnerability has been detected in TeamSpeak 3 Server up to 3.13.7. This vulnerability affects unknown code of the component ECC Key Parser. Such manipulation leads to heap-based buffer ov…

Remote | Memory Corruption
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
5.5 MEDIUM
CVE-2026-4390 — TeamSpeak 3 Server Connection State Management process_resend_queue use after free

A weakness has been identified in TeamSpeak 3 Server up to 3.13.7. This affects the function process_resend_queue of the component Connection State Management. This manipulation causes use after free…

Remote | Memory Corruption
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
8.5 HIGH
CVE-2026-48153 — Budibase: SSRF via OAuth2 token endpoint URL reaches internal hosts and cloud metadata

Budibase is an open-source low-code platform. Prior to 3.39.0, fetchToken in the OAuth2 SDK makes a POST to a builder-supplied URL with plain node-fetch, skipping the blacklist.isBlacklisted check th…

Remote | Server-Side Request Forgery
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
8.1 HIGH
CVE-2026-48152 — Budibase: Basic app users can exfiltrate stored REST datasource auth by rewriting datasou…

Budibase is an open-source low-code platform. Prior to 3.39.0, the single-datasource GET and PUT routes are guarded by generic TABLE READ, not by Builder/Admin permission or datasource-specific owner…

Remote | Authorization
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
7.5 HIGH
CVE-2026-48151 — Budibase: Webhook schema endpoint authorization bypass allows unauthenticated mutation of…

Budibase is an open-source low-code platform. Prior to 3.39.0, the webhook schema-building endpoint is registered under builderRoutes, but the generic authorization middleware skips authorization for…

Remote | Authorization
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
9.0 CRITICAL
CVE-2026-48150 — Budibase: Workspace-scoped builder escalates to global admin via /api/public/v1/roles/ass…

Budibase is an open-source low-code platform. Prior to 3.39.0, /api/public/v1/roles/assign is guarded by the builderOrAdmin middleware, which passes any user who is a builder for the app id in the x-…

Remote | Authorization
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
8.1 HIGH
CVE-2026-48149 — Budibase: Stored XSS in Text component: BASIC users execute JS in admin session via Markd…

Budibase is an open-source low-code platform. Prior to 3.39.0, the Budibase Text component renders markdown by assigning marked.parse(markdown) straight to innerHTML with no sanitizer (packages/bbui/…

Remote | Cross-Site Scripting
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
5.3 MEDIUM
CVE-2026-48148 — Budibase: Unvalidated VectorDB Host Parameter Enables SSRF

Budibase is an open-source low-code platform. Prior to 3.35.3, the VectorDB configuration endpoint in Budibase accepts a host parameter that undergoes no validation against internal IP ranges, reser…

Remote | Server-Side Request Forgery
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
6.5 MEDIUM
CVE-2026-48147 — Budibase: Unanchored Regex in `matchers.ts` Allows CSRF Bypass via Query String Injection…

Budibase is an open-source low-code platform. Prior to 3.35.4, the buildMatcherRegex() / matches() functions in packages/backend-core/src/middleware/matchers.ts route patterns are compiled into unanc…

Remote | Cross-Site Request Forgery
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
7.7 HIGH
CVE-2026-48146 — Budibase: SSRF via OAuth2 Config Validation — Missing fetchWithBlacklist Protection

Budibase is an open-source low-code platform. Prior to 3.39.0, the OAuth2 token fetch function in packages/server/src/sdk/workspace/oauth2/utils.ts uses raw fetch(config.url) with no SSRF protection.…

Remote | Server-Side Request Forgery
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
5.1 MEDIUM
CVE-2026-48128 — Budibase: SSRF via User-Controlled queryId in Automation Execute Query Step

Budibase is an open-source low-code platform. Prior to 3.39.0, the executeQuery automation step in Budibase accepts a queryId from automation step inputs and passes it directly to the query execution…

Remote | Server-Side Request Forgery
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
7.7 HIGH
CVE-2026-46427 — Budibase: Snowflake private key returned unmasked from datasource API to BASIC users

Budibase is an open-source low-code platform. Prior to 3.38.3, removeSecrets at packages/server/src/sdk/workspace/datasources/datasources.ts masks only datasource config fields whose schema type is D…

Remote | Information Disclosure
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
7.6 HIGH
CVE-2026-46426 — Budibase: Unrestricted Upload of File with Dangerous Type

Budibase is an open-source low-code platform. Prior to 3.38.2, the file upload endpoint POST /api/attachments/process does not enforce active-content restrictions for authenticated users. The checks …

budibase | Remote | Cross-Site Scripting
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
9.9 CRITICAL
CVE-2026-46425 — Budibase: SCIM endpoints lack role-based authorization, BASIC users CRUD tenant users

Budibase is an open-source low-code platform. Prior to 3.38.2, packages/worker/src/api/routes/global/scim.ts attaches only two middlewares to the SCIM router: requireSCIM (checks the Enterprise featu…

Remote | Authorization
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
4.2 MEDIUM
CVE-2026-46424 — Budibase: Missing Cache Invalidation on Public API Role Unassignment Allows Revoked Users…

Budibase is an open-source low-code platform. Prior to 3.38.2, the public API role unassignment endpoint (POST /api/public/v1/roles/unassign) updates user documents in CouchDB but does not invalidate…

Remote | Authorization
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
6.5 MEDIUM
CVE-2026-45719 — Budibase: CouchDB Reduce Injection via Unsanitized Calculation Parameter in V1 Views API

Budibase is an open-source low-code platform. Prior to 3.38.1, the V1 Views API (POST /api/views) accepts a calculation parameter from the request body that is interpolated directly into a CouchDB re…

Remote | Injection
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
5.4 MEDIUM
CVE-2026-45718 — Budibase: Row Action Trigger Bypasses View Row Filter Security Boundary Allowing Action o…

Budibase is an open-source low-code platform. Prior to 3.38.1, the row action trigger endpoint (POST /api/tables/:sourceId/actions/:actionId/trigger) fails to validate that the user-supplied rowId is…

budibase | Remote | Authorization
May 27, 2026 May 27, 2026
May 27, 2026
May 27, 2026
Showing 20 of 6583 Results