{"vulnerability": "CVE-2026-5435", "sightings": [{"uuid": "3ca642d6-20e7-4852-8ebf-35bbf74c10c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54358", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116744774971353040", "content": "Some increased actor activities are shown targeting MISP (CVE-2026-54358) https://vuldb.com/vuln/370709/cti", "creation_timestamp": "2026-06-13T20:51:39.617415Z"}, {"uuid": "483fba80-eac1-4586-b63d-d07276e8df52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54352", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3mow4im4pyb2r", "content": "A single Budibase app builder can read every secret on your server.\n\nA rigged app-icon upload exposes the master keys, forges an admin token, and reaches every workspace.\n\nSelf-hosted? Update to 3.39.9 and rotate secrets. (CVE-2026-54352)", "creation_timestamp": "2026-06-23T00:12:27.775773Z"}, {"uuid": "05edb625-7fd3-4d5b-9009-6868441ac2c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-54353", "type": "published-proof-of-concept", "source": "https://github.com/Budibase/budibase/security/advisories/GHSA-gfq7-5x4g-3xhf", "content": "", "creation_timestamp": "2026-06-04T08:57:12.000000Z"}, {"uuid": "83d8cde4-c156-4cdb-bcae-c60c0651005b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-54351", "type": "published-proof-of-concept", "source": "https://github.com/Budibase/budibase/security/advisories/GHSA-rgvg-3wpc-h44p", "content": "", "creation_timestamp": "2026-06-04T08:55:20.000000Z"}, {"uuid": "d16c1852-db4c-41d0-9f4e-9c4553df29ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54351", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp7wjwi2zx2m", "content": "CVE-2026-54351 - Budibase: Mass Assignment in Webhook Trigger Allows Cross-Workspace Automation Execution via appId Override\nCVE ID : CVE-2026-54351\n \n Published : June 26, 2026, 8:45 p.m. | 59\u00a0minutes ago\n \n Description : Budibase is an open-source low-code platform. Prior to...", "creation_timestamp": "2026-06-26T21:52:26.093128Z"}, {"uuid": "0234edde-8e5a-4ceb-8d4d-8721ba210481", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54353", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp7wwbufwl2l", "content": "CVE-2026-54353 - Budibase: Potential SSRF DNS rebinding bypass in outbound fetch validation\nCVE ID : CVE-2026-54353\n \n Published : June 26, 2026, 8:44 p.m. | 1\u00a0hour ago\n \n Description : Budibase is an open-source low-code platform. Prior to 3.39.9, authenticated users with aut...", "creation_timestamp": "2026-06-26T21:59:20.584540Z"}, {"uuid": "cae3a08c-893e-4d82-a5d6-3148523d0271", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54351", "type": "seen", "source": "https://bsky.app/profile/malwareobserver.bsky.social/post/3mp7xfcnzpe2s", "content": "\ud83d\udc1b VULNERABILITIES CVE Notify: \ud83d\udea8 [CVE-2026-54351](https://github.com/Budibase/budibase/security/advisories/GHSA-rgvg-3wpc-h44p)\nBu...\nhttps://github.com/Budibase/budibase/security/advisories/GHSA-rgvg-3wpc-h44p #CVE #ZeroDay #PatchManagement", "creation_timestamp": "2026-06-26T22:07:44.815724Z"}, {"uuid": "4864f77a-fde9-433f-8769-d9dd7b307a50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54352", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp7y5eswhr2c", "content": "CVE-2026-54352 - Budibase: Arbitrary file read by workspace-builder via PWA-zip symlink upload\nCVE ID : CVE-2026-54352\n \n Published : June 26, 2026, 8:32 p.m. | 1\u00a0hour, 12\u00a0minutes ago\n \n Description : Budibase is an open-source low-code platform. Prior to 3.39.9, `POST /api/pw...", "creation_timestamp": "2026-06-26T22:21:12.234822Z"}, {"uuid": "67c57e11-8806-45ee-b897-b902e97926c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54350", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp7zrsqa4s2x", "content": "CVE-2026-54350 - Budibase: Anonymous NoSQL operator injection via published-app query templates\nCVE ID : CVE-2026-54350\n \n Published : June 26, 2026, 8:44 p.m. | 1\u00a0hour, 1\u00a0minute ago\n \n Description : Budibase is an open-source low-code platform. Prior to 3.39.12, an unauthenti...", "creation_timestamp": "2026-06-26T22:50:31.813259Z"}, {"uuid": "3574cae7-5571-432f-8122-30d55e01ecec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54350", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mpcarllaqs2c", "content": "\ud83d\udd34 CVE-2026-54350 - Critical (10)\n\nBudibase is an open-source low-code platform. Prior to 3.39.12,  an unauthenticated visitor of an...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-54350/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-27T20:01:01.130926Z"}, {"uuid": "35dfbabf-6b5b-45ef-90d4-9f1aa5353445", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54351", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mpdceescft2g", "content": "\ud83d\udfe0 CVE-2026-54351 - High (8.2)\n\nBudibase is an open-source low-code platform. Prior to 3.39.9, the webhook trigger endpoint in Bu...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-54351/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-28T06:02:04.643147Z"}, {"uuid": "df80e4f3-045c-43ac-ab01-6d4db2f9b0e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54352", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mpdmouqwyg2u", "content": "CVE-2026-54352 - Critical Path Traversal in Budibase. Symlink extraction allows reading arbitrary files. CVSS 9.6. Unpatched - limit builder access immediately. #CVE #Budibase #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-54352/", "creation_timestamp": "2026-06-28T09:06:53.641937Z"}, {"uuid": "66d8cbca-5614-4df0-af1c-3b5e9cc6e10c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54352", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mpdt2kkhgd2y", "content": "\ud83d\udd34 CVE-2026-54352 - Critical (9.6)\n\nBudibase is an open-source low-code platform. Prior to 3.39.9, `POST /api/pwa/process-zip` at pac...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-54352/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-28T11:00:49.141725Z"}, {"uuid": "8de67a92-f80a-4586-b033-f6604da152ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54353", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mpdt2rw3jx2g", "content": "\ud83d\udfe0 CVE-2026-54353 - High (8.5)\n\nBudibase is an open-source low-code platform. Prior to 3.39.9, authenticated users with automatio...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-54353/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-28T11:00:56.837339Z"}, {"uuid": "3c7fcd8a-6808-4b43-94ec-bebaa25c2838", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54353", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpgptcrf6x2e", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-54353 \u0432 Budibase: \u0443\u0433\u0440\u043e\u0437\u0430 \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/5EEA6ABB-6EC6-4981-8DD3-90CA3B37956F", "creation_timestamp": "2026-06-29T14:41:08.825527Z"}, {"uuid": "94206a84-6bbe-49ad-81f3-6a8d94071866", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54351", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mph76ojqyj2t", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-54351 \u0432 Budibase: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/3D2E897A-1C0C-4395-A351-12DE01BB4311", "creation_timestamp": "2026-06-29T19:15:50.424272Z"}, {"uuid": "1764ae23-1174-47e8-a669-72f6ff7c4b89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54352", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mph77k3sah23", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-54352 \u0432 Budibase: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/A0DB0CCD-330D-495C-8969-C700C2628D60", "creation_timestamp": "2026-06-29T19:16:19.132727Z"}, {"uuid": "4bd519e5-ece9-431d-95c2-107754e82649", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54350", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mph7i7q34h23", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-54350 \u0432 Budibase: \u0443\u0433\u0440\u043e\u0437\u0430 \u0434\u043b\u044f low-code \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/6D0407B1-154E-4436-8AC0-2556A2FEF94F", "creation_timestamp": "2026-06-29T19:21:10.431203Z"}, {"uuid": "303f1266-9228-423e-a516-31e1832f237e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54353", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mph7ixoj6o2d", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-54353 \u0432 Budibase: \u0443\u0433\u0440\u043e\u0437\u044b \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/78E8EE3C-6247-44FE-80AE-E4FA0311257B", "creation_timestamp": "2026-06-29T19:21:35.342900Z"}, {"uuid": "39cb3027-75b5-49ae-82f1-950d44f237a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54350", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mpkoz7vcyb2v", "content": "\ud83d\udccc CVE-2026-54350 - Budibase is an open-source low-code platform. Prior to 3.39.12,  an unauthenticated visitor of any published Budibase app reads every document of the ... https://www.cyberhub.blog/cves/CVE-2026-54350", "creation_timestamp": "2026-07-01T04:37:06.418844Z"}, {"uuid": "9c5e4e6d-5a26-4abf-b92c-08851a6412b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54352", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mpkqov5yzy2e", "content": "\ud83d\udccc CVE-2026-54352 - Budibase is an open-source low-code platform. Prior to 3.39.9, `POST /api/pwa/process-zip` at packages/server/src/api/routes/static.ts:24 accepts a bu... https://www.cyberhub.blog/cves/CVE-2026-54352", "creation_timestamp": "2026-07-01T05:07:07.931884Z"}, {"uuid": "c974d78c-b5c2-4d72-bf50-020c10a27760", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54352", "type": "seen", "source": "https://bsky.app/profile/roguelogics.bsky.social/post/3mplhihbycq2r", "content": "\ud83d\udea8 Patch Alert: CVE-2026-54352 is a high-severity vulnerability affecting widely-used software. This flaw can allow unauthorized remote code execution, putting sensitive data at risk. Our team urges you to patch this vulnerability immediately to mitigate potential threats. Staying ahead of threats\u2026", "creation_timestamp": "2026-07-01T11:55:08.001881Z"}]}