Speenah

**Name of the Vulnerable Software and Affected Versions** Bambuddy versions prior to 0.1.7 **Description** Bambuddy is a self-hosted print archive and management system for Bambu Lab 3D printers. Versions before 0.1.7 include a hardcoded secret key used for signing JSON Web Tokens (JWTs). Multiple API routes do not enforce authentication checks. This allows potential bypass of security controls and trivial token forgery, granting full system access. **Recommendations** Update Bambuddy to version 0.1.7.