CVE-2026-48153 – Budibase: SSRF via OAuth2 token endpoint URL reaches internal hosts and cloud metadata

CVE ID :CVE-2026-48153

Published : May 27, 2026, 6:16 p.m. | 15 minutes ago

Description :Budibase is an open-source low-code platform. Prior to 3.39.0, fetchToken in the OAuth2 SDK makes a POST to a builder-supplied URL with plain node-fetch, skipping the blacklist.isBlacklisted check that every other outbound fetch path in the codebase uses. The Joi schema for the OAuth2 URL has no scheme or host restriction. This vulnerability is fixed in 3.39.0.

Severity: 8.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-9759 – NULL Pointer Dereference in Wireshark

CVE-2026-8364 – Gladinet Triofox Missing Authentication for Critical Functions

CVE-2026-8363 – Gladinet Triofox Stack-based Buffer Overflow in WOSDeviceDropFolder.dll

CVE-2026-8362 – Gladinet Triofox Stack-based Buffer Overflow in WOSDefaultHttpModule.dll