Budibase: Mehrere Schwachstellen ermöglichen Manipulation von Dateien
Budibase, an open-source low-code platform for building internal applications, has multiple vulnerabilities that allow manipulation of files. These issues affect versions up to and including 3.39.0. No CVSS score is provided, and no known exploits are reported in the wild. The vulnerabilities were published by the Bundesamt für Sicherheit in der Informationstechnik. No patch or remediation information is currently available.
AI Analysis
Technical Summary
Multiple vulnerabilities in Budibase versions up to and including 3.39.0 enable attackers to manipulate files within the platform. The Bundesamt für Sicherheit in der Informationstechnik published these findings under advisory WID-SEC-W-2026-1714, covering CVE-2026-50137 and CVE-2026-50136. No detailed technical exploitation methods or impact specifics are provided, and no CVSS score is assigned. The vulnerabilities affect the open-source Budibase product and are not related to a cloud service.
Potential Impact
The vulnerabilities allow manipulation of files, which could potentially lead to unauthorized modification or tampering within Budibase applications. The exact impact scope and severity are not detailed, and no known exploits have been reported in the wild to date.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory WID-SEC-W-2026-1714 from the Bundesamt für Sicherheit in der Informationstechnik for current remediation guidance. No official fix or workaround information is provided in the available data.
Budibase: Mehrere Schwachstellen ermöglichen Manipulation von Dateien
Description
Budibase, an open-source low-code platform for building internal applications, has multiple vulnerabilities that allow manipulation of files. These issues affect versions up to and including 3.39.0. No CVSS score is provided, and no known exploits are reported in the wild. The vulnerabilities were published by the Bundesamt für Sicherheit in der Informationstechnik. No patch or remediation information is currently available.
Affected software
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Multiple vulnerabilities in Budibase versions up to and including 3.39.0 enable attackers to manipulate files within the platform. The Bundesamt für Sicherheit in der Informationstechnik published these findings under advisory WID-SEC-W-2026-1714, covering CVE-2026-50137 and CVE-2026-50136. No detailed technical exploitation methods or impact specifics are provided, and no CVSS score is assigned. The vulnerabilities affect the open-source Budibase product and are not related to a cloud service.
Potential Impact
The vulnerabilities allow manipulation of files, which could potentially lead to unauthorized modification or tampering within Budibase applications. The exact impact scope and severity are not detailed, and no known exploits have been reported in the wild to date.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory WID-SEC-W-2026-1714 from the Bundesamt für Sicherheit in der Informationstechnik for current remediation guidance. No official fix or workaround information is provided in the available data.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_base
- Csaf Version
- 2.0
- Publisher
- Bundesamt für Sicherheit in der Informationstechnik
- Advisory Id
- WID-SEC-W-2026-1714
- Cve Count
- 2
- Additional Cves
- ["CVE-2026-50136"]
- Cvss Version
- null
Threat ID: 6a42ed8127e9c7971994712b
Added to database: 06/29/2026, 22:11:13 UTC
Last enriched: 06/29/2026, 22:45:58 UTC
Last updated: 06/29/2026, 22:45:58 UTC
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.