PT-2026-24108 · Budibase · Budibase
Rudrabrahmbhatt · Published 2026-03-09 · Updated 2026-03-09 · CVE-2026-25737
CVSS v3.1: 9.0 (Critical)
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Budibase versions 3.24.0 and earlier
Description
Budibase is a low-code platform used for creating internal tools, workflows, and admin panels. An arbitrary file upload issue exists because file extension restrictions are enforced only at the user interface level. An attacker can bypass these restrictions and upload malicious files.
Recommendations
Versions prior to 3.24.0 should be updated.
Exploit
Fix
XSS
SSRF
Related identifiers
Affected products
Budibase