VIR
Vulnerability Intelligence Relay
Search
Stats
Package impact
Lookup
npm
NPM / @budibase/server
Severity
critical
high
medium
low
unknown
Min risk
0
Year
all
2027
2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
2000
1999
KEV
Has exploit
Source
all
AlmaLinux Errata
AMD Security (NVD wrap)
Apache HTTPD (NVD wrap)
Apple Security Advisories
Arch Linux Security
AWS Security Bulletins (RSS)
Azure Security (via MSRC)
Caddy (NVD wrap)
CVE.org cvelistV5
Debian Security Tracker
Docker (NVD wrap)
.NET (via GHSA NuGet)
Elasticsearch (NVD wrap)
Exploit-DB
GCP Security (RSS)
Gentoo GLSA
GitHub Security Advisories
Go Vulnerability DB
HAProxy (NVD wrap)
Intel Security (RSS + NVD)
Jetty (via GHSA Maven)
CISA KEV
Kubernetes (NVD + GHSA)
Linux Kernel (NVD wrap)
LiteSpeed (NVD wrap)
Maven (via OSV Maven)
Metasploit Modules
MongoDB (NVD wrap)
Microsoft MSRC
MySQL/MariaDB (NVD wrap)
Nginx (NVD wrap)
npm (via GHSA NPM)
NVD
NVIDIA Security (NVD wrap)
OpenLiteSpeed (NVD wrap)
OSV.dev
Packagist Security
PostgreSQL (NVD wrap)
PyPI (via OSV PyPI)
Red Hat OVAL
Redis (NVD wrap)
Rocky Linux Errata
RubySec Advisory DB
RustSec Advisory DB
SUSE Security
Ubuntu USN
Apply
Reset
CVE
Severity
CVSS
Risk
Published
Description
Impact
CVE-2026-45717
high
8.8
8.8
14h ago
Budibase: `PUT /api/datasources/:datasourceId` is protected only by `TABLE/READ` permission instead of builder access, allowing any authenticated app user to overwrite datasource connection parameter…
npm
CVE-2026-45548
high
7.7
7.7
14h ago
Budibase: SSRF in AI Extract File Automation Step via Missing IP Blacklist Validation
npm
CVE-2026-45715
high
7.7
7.7
14h ago
Budibase: SSRF Bypass via HTTP Redirect in REST Datasource Integration
npm
CVE-2026-45719
medium
6.5
6.5
14h ago
Budibase: CouchDB Reduce Injection via Unsanitized Calculation Parameter in V1 Views API
npm
Per page
25
50
100
200
500
Showing 1–4 of 4
← Prev
Page 1 of 1
Next →