{"vulnerability": "cve-2026-4815", "sightings": [{"uuid": "63b86b14-f764-436f-8e42-fbdc784658a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4815", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mhvljmkbzc2q", "content": "", "creation_timestamp": "2026-03-25T17:12:25.703663Z"}, {"uuid": "05de6646-216f-440b-8eb5-2df952a80073", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48150", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmu6xgnpmn2g", "content": "\ud83d\udd34 CVE-2026-48150 - Critical (9)\n\nBudibase is an open-source low-code platform. Prior to 3.39.0, /api/public/v1/roles/assign is gua...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-48150/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-27T19:00:49.763812Z"}, {"uuid": "3edbcd71-7f7f-468f-8f81-2e0c2dd897fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48151", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmu6xo2nd72w", "content": "\ud83d\udfe0 CVE-2026-48151 - High (7.5)\n\nBudibase is an open-source low-code platform. Prior to 3.39.0, the webhook schema-building endpoi...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-48151/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-27T19:00:57.853480Z"}, {"uuid": "782797e0-d82b-4bf1-917e-566f3f530a4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48152", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmu6zccumf2t", "content": "\ud83d\udfe0 CVE-2026-48152 - High (8.1)\n\nBudibase is an open-source low-code platform. Prior to 3.39.0, the single-datasource GET and PUT ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-48152/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-27T19:01:52.704159Z"}, {"uuid": "6016099d-a5f5-44dd-b98c-4877f6615368", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48153", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mmu6zk2b2p2w", "content": "\ud83d\udfe0 CVE-2026-48153 - High (8.5)\n\nBudibase is an open-source low-code platform. Prior to 3.39.0, fetchToken in the OAuth2 SDK makes...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-48153/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-27T19:02:00.807109Z"}, {"uuid": "863de294-d623-49e3-851e-660588a3e24c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48151", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmu7tb6enp2i", "content": "CVE-2026-48151 - Budibase: Webhook schema endpoint authorization bypass allows unauthenticated mutation of webhook and automation schema\nCVE ID : CVE-2026-48151\n \n Published : May 27, 2026, 6:16 p.m. | 15\u00a0minutes ago\n \n Description : Budibase is an open-source low-code platfor...", "creation_timestamp": "2026-05-27T19:16:22.884879Z"}, {"uuid": "3f897a48-b2a6-481d-98aa-53d668026cf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48150", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmubhvu6d72c", "content": "CVE-2026-48150 - Budibase: Workspace-scoped builder escalates to global admin via /api/public/v1/roles/assign\nCVE ID : CVE-2026-48150\n \n Published : May 27, 2026, 6:16 p.m. | 15\u00a0minutes ago\n \n Description : Budibase is an open-source low-code platform. Prior to 3.39.0, /api/pu...", "creation_timestamp": "2026-05-27T19:45:49.346964Z"}, {"uuid": "e667063c-d0a1-4530-a52b-3da9980e331f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48153", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmucdcb5kf2p", "content": "CVE-2026-48153 - Budibase: SSRF via OAuth2 token endpoint URL reaches internal hosts and cloud metadata\nCVE ID : CVE-2026-48153\n \n Published : May 27, 2026, 6:16 p.m. | 15\u00a0minutes ago\n \n Description : Budibase is an open-source low-code platform. Prior to 3.39.0, fetchToken in...", "creation_timestamp": "2026-05-27T20:01:08.329369Z"}, {"uuid": "5b334811-9c8b-456e-813c-57db8e78b550", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48152", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmucmavj2g2i", "content": "CVE-2026-48152 - Budibase: Basic app users can exfiltrate stored REST datasource auth by rewriting datasource base URL\nCVE ID : CVE-2026-48152\n \n Published : May 27, 2026, 6:16 p.m. | 15\u00a0minutes ago\n \n Description : Budibase is an open-source low-code platform. Prior to 3.39.0...", "creation_timestamp": "2026-05-27T20:06:08.893382Z"}, {"uuid": "be3899d9-c7ec-4a21-bf42-216c84edbfb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48155", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmwk6k2inb2p", "content": "CVE-2026-48155 - pypdf: Possible large memory usage for large offsets for layout mode text\nCVE ID : CVE-2026-48155\n \n Published : May 28, 2026, 4:16 p.m. | 15\u00a0minutes ago\n \n Description : pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who...", "creation_timestamp": "2026-05-28T17:26:57.817533Z"}, {"uuid": "e4a04e74-04b8-40d0-9326-06f325734af0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48156", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmwkejpygx2o", "content": "CVE-2026-48156 - pypdf: Possible long runtimes for zero-only width values in cross-reference streams\nCVE ID : CVE-2026-48156\n \n Published : May 28, 2026, 4:16 p.m. | 15\u00a0minutes ago\n \n Description : pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an at...", "creation_timestamp": "2026-05-28T17:30:19.178549Z"}, {"uuid": "f8133923-04ea-420f-9e20-02d93079944d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48151", "type": "published-proof-of-concept", "source": "https://github.com/Budibase/budibase/security/advisories/GHSA-qhv3-wjg8-6fx6", "content": "", "creation_timestamp": "2026-05-21T08:47:15.000000Z"}, {"uuid": "db9ef06a-5d6c-4a0f-8944-68a8206613bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48154", "type": "published-proof-of-concept", "source": "https://github.com/pilinux/gorest/security/advisories/GHSA-cpwg-x64r-rgwg", "content": "", "creation_timestamp": "2026-05-21T08:50:03.000000Z"}, {"uuid": "2ec392dc-aa06-4a46-a213-7db0e88b384f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48150", "type": "published-proof-of-concept", "source": "https://github.com/Budibase/budibase/security/advisories/GHSA-6xp4-cf37-ppjh", "content": "", "creation_timestamp": "2026-05-21T08:46:30.000000Z"}, {"uuid": "d1c266e2-9c54-42ed-b1a2-c42d469a70b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48157", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moek4j5hxb2i", "content": "CVE-2026-48157 - Slim has Reflected XSS in the HtmlErrorRenderer\nCVE ID : CVE-2026-48157\n \n Published : June 15, 2026, 10:16 p.m. | 1\u00a0hour, 25\u00a0minutes ago\n \n Description : Slim is a PHP micro framework that enables users to write simple web applications and APIs. In versions 4...", "creation_timestamp": "2026-06-16T00:28:17.975052Z"}, {"uuid": "0a91347f-1920-47ab-abb7-cb7633f3353c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48153", "type": "published-proof-of-concept", "source": "https://github.com/Budibase/budibase/security/advisories/GHSA-4q6h-8p4v-67vq", "content": "", "creation_timestamp": "2026-05-21T08:49:32.000000Z"}, {"uuid": "8602c1db-4d2f-4e27-b14c-224acf0c984c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48153", "type": "seen", "source": "https://gist.github.com/alon710/ca5754f7e7e7aeff3ad1cd262378f58b", "content": "# CVE-2026-48153: CVE-2026-48153: Server-Side Request Forgery in Budibase OAuth2 SDK\n\n> **CVSS Score:** 8.5\n> **Published:** 2026-06-22\n> **Full Report:** https://cvereports.com/reports/CVE-2026-48153\n\n## Summary\nCVE-2026-48153 is a Server-Side Request Forgery (SSRF) vulnerability in the Budibase OAuth2 SDK prior to version 3.39.0. It allows authenticated low-privileged users to bypass outbound network security blacklists and send arbitrary requests to internal subnets or cloud metadata services.\n\n## TL;DR\nA bypass in the Budibase OAuth2 SDK allows low-privileged users to trigger Server-Side Request Forgery (SSRF) against internal resources, bypassing central IP blacklists.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-918\n- **Attack Vector**: Network (AV:N)\n- **CVSS v3.1**: 8.5 (HIGH)\n- **EPSS Score**: 0.00174\n- **EPSS Percentile**: 7.04%\n- **Exploit Status**: poc\n- **KEV Status**: not listed\n\n## Affected Systems\n\n- Budibase < 3.39.0\n- **budibase**: < 3.39.0 (Fixed in: `3.39.0`)\n\n## Mitigation\n\n- Upgrade Budibase to version 3.39.0 or higher\n- Implement network egress filtering to restrict container access to loopback and cloud metadata endpoints\n- Audit OAuth2 datasource configurations for internal IP addresses\n\n**Remediation Steps:**\n1. Pull the latest Budibase container image (version >= 3.39.0)\n2. Redeploy the application service\n3. Configure container network security groups or iptables to block egress to 169.254.169.254 and private subnets if not required\n4. Restrict the assignment of the builder role to trusted users\n\n## References\n\n- [GitHub Security Advisory GHSA-4q6h-8p4v-67vq](https://github.com/Budibase/budibase/security/advisories/GHSA-4q6h-8p4v-67vq)\n- [CVE.org CVE-2026-48153 Record](https://www.cve.org/CVERecord?id=CVE-2026-48153)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-48153) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-23T09:41:50.000000Z"}]}