CVE-2026-25040 - Budibase Vulnerable to Privilege Escalation via API Abuse – Creator Can Invite Users with Admin/Any Role
CVE ID : CVE-2026-25040
Published : Jan. 29, 2026, 9:33 p.m.
Description :
Budibase is a low code platform for creating internal tools, workflows, and admin panels. In versions up to and including 3.26.3, a Creator-level user, who normally has no UI permission to invite users, can manipulate API requests to invite new users with any role, including Admin, Creator, or App Viewer, …