https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sat, 27 Jun 2026 05:24:22 +0000 https://vulnerability.circl.lu/sighting/83d8cde4-c156-4cdb-bcae-c60c0651005b/export {"uuid": "83d8cde4-c156-4cdb-bcae-c60c0651005b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-54351", "type": "published-proof-of-concept", "source": "https://github.com/Budibase/budibase/security/advisories/GHSA-rgvg-3wpc-h44p", "content": "", "creation_timestamp": "2026-06-04T08:55:20.000000Z"} {"uuid": "83d8cde4-c156-4cdb-bcae-c60c0651005b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-54351", "type": "published-proof-of-concept", "source": "https://github.com/Budibase/budibase/security/advisories/GHSA-rgvg-3wpc-h44p", "content": "", "creation_timestamp": "2026-06-04T08:55:20.000000Z"} https://vulnerability.circl.lu/sighting/83d8cde4-c156-4cdb-bcae-c60c0651005b/export Thu, 04 Jun 2026 08:55:20 +0000 https://vulnerability.circl.lu/sighting/05edb625-7fd3-4d5b-9009-6868441ac2c6/export {"uuid": "05edb625-7fd3-4d5b-9009-6868441ac2c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-54353", "type": "published-proof-of-concept", "source": "https://github.com/Budibase/budibase/security/advisories/GHSA-gfq7-5x4g-3xhf", "content": "", "creation_timestamp": "2026-06-04T08:57:12.000000Z"} {"uuid": "05edb625-7fd3-4d5b-9009-6868441ac2c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-54353", "type": "published-proof-of-concept", "source": "https://github.com/Budibase/budibase/security/advisories/GHSA-gfq7-5x4g-3xhf", "content": "", "creation_timestamp": "2026-06-04T08:57:12.000000Z"} https://vulnerability.circl.lu/sighting/05edb625-7fd3-4d5b-9009-6868441ac2c6/export Thu, 04 Jun 2026 08:57:12 +0000 https://vulnerability.circl.lu/sighting/3ca642d6-20e7-4852-8ebf-35bbf74c10c8/export {"uuid": "3ca642d6-20e7-4852-8ebf-35bbf74c10c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54358", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116744774971353040", "content": "Some increased actor activities are shown targeting MISP (CVE-2026-54358) https://vuldb.com/vuln/370709/cti", "creation_timestamp": "2026-06-13T20:51:39.617415Z"} {"uuid": "3ca642d6-20e7-4852-8ebf-35bbf74c10c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54358", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116744774971353040", "content": "Some increased actor activities are shown targeting MISP (CVE-2026-54358) https://vuldb.com/vuln/370709/cti", "creation_timestamp": "2026-06-13T20:51:39.617415Z"} https://vulnerability.circl.lu/sighting/3ca642d6-20e7-4852-8ebf-35bbf74c10c8/export Sat, 13 Jun 2026 20:51:39 +0000 https://vulnerability.circl.lu/sighting/483fba80-eac1-4586-b63d-d07276e8df52/export {"uuid": "483fba80-eac1-4586-b63d-d07276e8df52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54352", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3mow4im4pyb2r", "content": "A single Budibase app builder can read every secret on your server.\n\nA rigged app-icon upload exposes the master keys, forges an admin token, and reaches every workspace.\n\nSelf-hosted? Update to 3.39.9 and rotate secrets. (CVE-2026-54352)", "creation_timestamp": "2026-06-23T00:12:27.775773Z"} {"uuid": "483fba80-eac1-4586-b63d-d07276e8df52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54352", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3mow4im4pyb2r", "content": "A single Budibase app builder can read every secret on your server.\n\nA rigged app-icon upload exposes the master keys, forges an admin token, and reaches every workspace.\n\nSelf-hosted? Update to 3.39.9 and rotate secrets. (CVE-2026-54352)", "creation_timestamp": "2026-06-23T00:12:27.775773Z"} https://vulnerability.circl.lu/sighting/483fba80-eac1-4586-b63d-d07276e8df52/export Tue, 23 Jun 2026 00:12:27 +0000 https://vulnerability.circl.lu/sighting/d16c1852-db4c-41d0-9f4e-9c4553df29ff/export {"uuid": "d16c1852-db4c-41d0-9f4e-9c4553df29ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54351", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp7wjwi2zx2m", "content": "CVE-2026-54351 - Budibase: Mass Assignment in Webhook Trigger Allows Cross-Workspace Automation Execution via appId Override\nCVE ID : CVE-2026-54351\n \n Published : June 26, 2026, 8:45 p.m. | 59\u00a0minutes ago\n \n Description : Budibase is an open-source low-code platform. Prior to...", "creation_timestamp": "2026-06-26T21:52:26.093128Z"} {"uuid": "d16c1852-db4c-41d0-9f4e-9c4553df29ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54351", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp7wjwi2zx2m", "content": "CVE-2026-54351 - Budibase: Mass Assignment in Webhook Trigger Allows Cross-Workspace Automation Execution via appId Override\nCVE ID : CVE-2026-54351\n \n Published : June 26, 2026, 8:45 p.m. | 59\u00a0minutes ago\n \n Description : Budibase is an open-source low-code platform. Prior to...", "creation_timestamp": "2026-06-26T21:52:26.093128Z"} https://vulnerability.circl.lu/sighting/d16c1852-db4c-41d0-9f4e-9c4553df29ff/export Fri, 26 Jun 2026 21:52:26 +0000 https://vulnerability.circl.lu/sighting/0234edde-8e5a-4ceb-8d4d-8721ba210481/export {"uuid": "0234edde-8e5a-4ceb-8d4d-8721ba210481", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54353", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp7wwbufwl2l", "content": "CVE-2026-54353 - Budibase: Potential SSRF DNS rebinding bypass in outbound fetch validation\nCVE ID : CVE-2026-54353\n \n Published : June 26, 2026, 8:44 p.m. | 1\u00a0hour ago\n \n Description : Budibase is an open-source low-code platform. Prior to 3.39.9, authenticated users with aut...", "creation_timestamp": "2026-06-26T21:59:20.584540Z"} {"uuid": "0234edde-8e5a-4ceb-8d4d-8721ba210481", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54353", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp7wwbufwl2l", "content": "CVE-2026-54353 - Budibase: Potential SSRF DNS rebinding bypass in outbound fetch validation\nCVE ID : CVE-2026-54353\n \n Published : June 26, 2026, 8:44 p.m. | 1\u00a0hour ago\n \n Description : Budibase is an open-source low-code platform. Prior to 3.39.9, authenticated users with aut...", "creation_timestamp": "2026-06-26T21:59:20.584540Z"} https://vulnerability.circl.lu/sighting/0234edde-8e5a-4ceb-8d4d-8721ba210481/export Fri, 26 Jun 2026 21:59:20 +0000 https://vulnerability.circl.lu/sighting/cae3a08c-893e-4d82-a5d6-3148523d0271/export {"uuid": "cae3a08c-893e-4d82-a5d6-3148523d0271", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54351", "type": "seen", "source": "https://bsky.app/profile/malwareobserver.bsky.social/post/3mp7xfcnzpe2s", "content": "\ud83d\udc1b VULNERABILITIES CVE Notify: \ud83d\udea8 [CVE-2026-54351](https://github.com/Budibase/budibase/security/advisories/GHSA-rgvg-3wpc-h44p)\nBu...\nhttps://github.com/Budibase/budibase/security/advisories/GHSA-rgvg-3wpc-h44p #CVE #ZeroDay #PatchManagement", "creation_timestamp": "2026-06-26T22:07:44.815724Z"} {"uuid": "cae3a08c-893e-4d82-a5d6-3148523d0271", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54351", "type": "seen", "source": "https://bsky.app/profile/malwareobserver.bsky.social/post/3mp7xfcnzpe2s", "content": "\ud83d\udc1b VULNERABILITIES CVE Notify: \ud83d\udea8 [CVE-2026-54351](https://github.com/Budibase/budibase/security/advisories/GHSA-rgvg-3wpc-h44p)\nBu...\nhttps://github.com/Budibase/budibase/security/advisories/GHSA-rgvg-3wpc-h44p #CVE #ZeroDay #PatchManagement", "creation_timestamp": "2026-06-26T22:07:44.815724Z"} https://vulnerability.circl.lu/sighting/cae3a08c-893e-4d82-a5d6-3148523d0271/export Fri, 26 Jun 2026 22:07:44 +0000 https://vulnerability.circl.lu/sighting/4864f77a-fde9-433f-8769-d9dd7b307a50/export {"uuid": "4864f77a-fde9-433f-8769-d9dd7b307a50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54352", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp7y5eswhr2c", "content": "CVE-2026-54352 - Budibase: Arbitrary file read by workspace-builder via PWA-zip symlink upload\nCVE ID : CVE-2026-54352\n \n Published : June 26, 2026, 8:32 p.m. | 1\u00a0hour, 12\u00a0minutes ago\n \n Description : Budibase is an open-source low-code platform. Prior to 3.39.9, `POST /api/pw...", "creation_timestamp": "2026-06-26T22:21:12.234822Z"} {"uuid": "4864f77a-fde9-433f-8769-d9dd7b307a50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54352", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp7y5eswhr2c", "content": "CVE-2026-54352 - Budibase: Arbitrary file read by workspace-builder via PWA-zip symlink upload\nCVE ID : CVE-2026-54352\n \n Published : June 26, 2026, 8:32 p.m. | 1\u00a0hour, 12\u00a0minutes ago\n \n Description : Budibase is an open-source low-code platform. Prior to 3.39.9, `POST /api/pw...", "creation_timestamp": "2026-06-26T22:21:12.234822Z"} https://vulnerability.circl.lu/sighting/4864f77a-fde9-433f-8769-d9dd7b307a50/export Fri, 26 Jun 2026 22:21:12 +0000 https://vulnerability.circl.lu/sighting/67c57e11-8806-45ee-b897-b902e97926c3/export {"uuid": "67c57e11-8806-45ee-b897-b902e97926c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54350", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp7zrsqa4s2x", "content": "CVE-2026-54350 - Budibase: Anonymous NoSQL operator injection via published-app query templates\nCVE ID : CVE-2026-54350\n \n Published : June 26, 2026, 8:44 p.m. | 1\u00a0hour, 1\u00a0minute ago\n \n Description : Budibase is an open-source low-code platform. Prior to 3.39.12, an unauthenti...", "creation_timestamp": "2026-06-26T22:50:31.813259Z"} {"uuid": "67c57e11-8806-45ee-b897-b902e97926c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54350", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp7zrsqa4s2x", "content": "CVE-2026-54350 - Budibase: Anonymous NoSQL operator injection via published-app query templates\nCVE ID : CVE-2026-54350\n \n Published : June 26, 2026, 8:44 p.m. | 1\u00a0hour, 1\u00a0minute ago\n \n Description : Budibase is an open-source low-code platform. Prior to 3.39.12, an unauthenti...", "creation_timestamp": "2026-06-26T22:50:31.813259Z"} https://vulnerability.circl.lu/sighting/67c57e11-8806-45ee-b897-b902e97926c3/export Fri, 26 Jun 2026 22:50:31 +0000