PT-2026-44064 · Budibase · Budibase
Adrgs · Published 2026-05-27 · Updated 2026-05-27 · CVE-2026-48153
CVSS v3.1: 8.5 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
Name of the Vulnerable Software and Affected Versions: Budibase versions prior to 3.39.0
Description: The fetchToken() function in the OAuth2 SDK performs a POST request, via node-fetch, to a URL supplied by the builder. That request bypasses the isBlacklisted check that every other outbound fetch path in the codebase applies. Additionally, the Joi schema for the OAuth2 URL places no restriction on the scheme or host.
Recommendations: Update to version 3.39.0.
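The two gaps the description names, an outbound request that skips the shared host check and a URL schema with no scheme or host restriction, are illustrated below with a small added example in JavaScript. It is not Budibase code and does not reproduce the project's isBlacklisted check or Joi schema; the function names checkOutboundUrl and fetchTokenChecked, the allowed-scheme set and the blocked address ranges are assumptions made for this illustration.

```javascript
// Added example (not Budibase code): validate a builder-supplied URL before
// any outbound request is made with it, and wrap the token POST so the
// check cannot be bypassed. Uses only the WHATWG URL class built into Node.

// Assumption: OAuth2 token endpoints are reachable over HTTPS only.
const ALLOWED_SCHEMES = new Set(['https:']);

// Loopback, private, link-local, CGNAT and unspecified IPv4 ranges.
// 169.254.0.0/16 also covers the 169.254.169.254 cloud metadata address.
function isInternalIPv4(ip) {
  const [a, b] = ip.split('.').map(Number);
  return (
    a === 0 || a === 10 || a === 127 ||
    (a === 100 && b >= 64 && b <= 127) ||
    (a === 169 && b === 254) ||
    (a === 172 && b >= 16 && b <= 31) ||
    (a === 192 && b === 168)
  );
}

// Unspecified, loopback, IPv4-mapped, unique-local and link-local IPv6.
function isInternalIPv6(ip) {
  const lower = ip.toLowerCase();
  if (lower === '::' || lower === '::1') return true;
  // IPv4-mapped in dotted form (::ffff:a.b.c.d) delegates to the IPv4 check
  const dotted = lower.match(/^::ffff:(\d+\.\d+\.\d+\.\d+)$/);
  if (dotted) return isInternalIPv4(dotted[1]);
  // Node serialises IPv4-mapped literals as hex groups (::ffff:7f00:1)
  const hex = lower.match(/^::ffff:([0-9a-f]{1,4}):([0-9a-f]{1,4})$/);
  if (hex) {
    const hi = parseInt(hex[1], 16);
    const lo = parseInt(hex[2], 16);
    return isInternalIPv4(`${hi >> 8}.${hi & 255}.${lo >> 8}.${lo & 255}`);
  }
  return /^f[cd]/.test(lower) || /^fe[89ab]/.test(lower);
}

// Validates a user-controlled URL. Returns { ok: true, url } on success or
// { ok: false, reason } naming the first failing rule.
function checkOutboundUrl(raw) {
  let url;
  try {
    url = new URL(raw);
  } catch {
    return { ok: false, reason: 'unparseable' };
  }
  if (!ALLOWED_SCHEMES.has(url.protocol)) return { ok: false, reason: 'scheme' };
  if (url.username || url.password) return { ok: false, reason: 'credentials' };

  // The URL parser has already normalised IPv4 forms such as 0x7f.1 or
  // 2130706433 to dotted decimal, so one regex per family is enough here.
  let host = url.hostname;
  const isV6 = host.startsWith('[') && host.endsWith(']');
  if (isV6) host = host.slice(1, -1);
  if (host === 'localhost' || host.endsWith('.localhost')) return { ok: false, reason: 'host' };
  if (isV6 && isInternalIPv6(host)) return { ok: false, reason: 'host' };
  if (/^\d{1,3}(\.\d{1,3}){3}$/.test(host) && isInternalIPv4(host)) return { ok: false, reason: 'host' };
  return { ok: true, url };
}

// The token POST goes through this wrapper only, so the check above runs on
// every call. fetchImpl is injected (node-fetch or global fetch) so the
// function can be exercised offline with a stub.
async function fetchTokenChecked(tokenUrl, body, fetchImpl) {
  const verdict = checkOutboundUrl(tokenUrl);
  if (!verdict.ok) throw new Error(`outbound URL rejected: ${verdict.reason}`);
  return fetchImpl(verdict.url.toString(), {
    method: 'POST',
    headers: { 'content-type': 'application/x-www-form-urlencoded' },
    body,
    // Do not follow redirects silently: a redirect target is a new URL that
    // has not been checked.
    redirect: 'manual',
  });
}
```

The literal-address check matches the shape of the defect described above, but it only covers hosts written as IP addresses. For hostnames, the stronger control is to resolve the name, apply the same range check to every resolved address, and connect to that address rather than re-resolving, since a public name can resolve to an internal one. The manual redirect mode exists for the same reason: each hop is a fresh, unchecked URL.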

Weakness Enumeration: SSRF
Related Identifiers: CVE-2026-48153
Affected Products: Budibase