{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/cpes/cpe2.3abudibasebudibase/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":["cpe:2.3:a:budibase:budibase:*:*:*:*:*:*:*:*"],"_cs_cves":[{"cvss":10,"id":"CVE-2026-54350"}],"_cs_exploited":false,"_cs_has_poc":true,"_cs_poc_references":["https://sploitus.com/exploit?id=E7208285-7740-58AA-9601-BD03EDB2275F\u0026utm_source=rss\u0026utm_medium=rss"],"_cs_products":["Budibase server (\u003c 3.39.12)","@budibase/server (\u003c 3.39.12)","Budibase (\u003c 3.39.12)"],"_cs_severities":["critical"],"_cs_tags":["nosql-injection","web-vulnerability","budibase","data-exfiltration","data-manipulation","critical-vulnerability","api-exploitation"],"_cs_type":"advisory","_cs_vendors":["Budibase"],"content_html":"\u003cp\u003eA critical NoSQL operator injection vulnerability, tracked as CVE-2026-54350, affects Budibase server versions up to 3.39.0 (and npm package \u003ccode\u003e@budibase/server\u003c/code\u003e versions \u003ccode\u003e\u0026lt; 3.39.12\u003c/code\u003e). This flaw stems from improper input validation and handling within the \u003ccode\u003eenrichContext\u003c/code\u003e and \u003ccode\u003evalidateQueryInputs\u003c/code\u003e functions when processing query templates for MongoDB, CouchDB, Elasticsearch, DynamoDB-PartiQL, or REST-with-JSON-body datasources. An unauthenticated attacker can craft a malicious JSON payload in a parameter value that contains specific JSON metacharacters. When this payload is substituted into a raw JSON query body and subsequently parsed, it can overwrite the intended query logic, such as a \u003ccode\u003e{name: \u0026quot;...\u0026quot;}\u003c/code\u003e filter being replaced by \u003ccode\u003e{name: {$exists: true}}\u003c/code\u003e. This allows the attacker to read and modify entire database collections, including sensitive data, using a single HTTP request to a publicly accessible API endpoint, without requiring authentication or bypassing CSRF protections.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker identifies a published Budibase application that uses a non-SQL datasource (MongoDB, CouchDB, Elasticsearch, DynamoDB-PartiQL, or REST-with-JSON-body) and has a \u003ccode\u003ePUBLIC\u003c/code\u003e role assigned to at least one query (e.g., \u003ccode\u003eGetUserByName\u003c/code\u003e).\u003c/li\u003e\n\u003cli\u003eThe attacker, unauthenticated, sends an HTTP \u003ccode\u003ePOST\u003c/code\u003e request to \u003ccode\u003e/api/v2/queries/:queryId\u003c/code\u003e for the identified public read query, including an \u003ccode\u003ex-budibase-app-id\u003c/code\u003e header.\u003c/li\u003e\n\u003cli\u003eThe request body contains a JSON payload with the \u003ccode\u003eparameters\u003c/code\u003e field where a parameter (e.g., \u003ccode\u003ename\u003c/code\u003e) is injected with a crafted string like \u003ccode\u003ex\u0026quot;,\\\u0026quot;name\\\u0026quot;:{\\\u0026quot;$exists\\\u0026quot;:true},\\\u0026quot;$comment\\\u0026quot;:\\\u0026quot;audit\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eBudibase's \u003ccode\u003eenrichContext\u003c/code\u003e function substitutes this raw parameter value directly into the query's JSON body string without proper JSON-string escaping.\u003c/li\u003e\n\u003cli\u003eThe subsequent \u003ccode\u003eJSON.parse\u003c/code\u003e operation on the malformed string results in a parsed filter object (e.g., \u003ccode\u003ecollection.find()\u003c/code\u003e) where the attacker's injected \u003ccode\u003e$exists:true\u003c/code\u003e clause overrides the legitimate filter, effectively widening the scope to return all documents.\u003c/li\u003e\n\u003cli\u003eThe Budibase server returns all documents from the collection, including sensitive fields not intended for public exposure (e.g., \u003ccode\u003epassword_hash\u003c/code\u003e, \u003ccode\u003esecret\u003c/code\u003e), to the unauthenticated attacker.\u003c/li\u003e\n\u003cli\u003eIf a \u003ccode\u003ePUBLIC\u003c/code\u003e write query (e.g., \u003ccode\u003eupdateMany\u003c/code\u003e) is available, the attacker can similarly inject a payload to widen the \u003ccode\u003efilter\u003c/code\u003e scope, causing the \u003ccode\u003eupdateMany\u003c/code\u003e operation to affect all documents in the collection, leading to widespread data modification or destruction.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-54350 allows an unauthenticated visitor to conduct broad data breaches and integrity compromises. This includes the anonymous reading of every document within any MongoDB, CouchDB, Elasticsearch, DynamoDB-PartiQL, or REST-with-JSON-body collection exposed via a \u003ccode\u003ePUBLIC\u003c/code\u003e query. Attackers can exfiltrate sensitive data such as \u003ccode\u003epassword_hash\u003c/code\u003e, \u003ccode\u003esecret\u003c/code\u003e, \u003ccode\u003eapi_token\u003c/code\u003e, and \u003ccode\u003emfa_secret\u003c/code\u003e from columns not intended to be returned. Furthermore, where a \u003ccode\u003ePUBLIC\u003c/code\u003e \u003ccode\u003eupdate\u003c/code\u003e, \u003ccode\u003edelete\u003c/code\u003e, or \u003ccode\u003eaggregate\u003c/code\u003e query exists, attackers can anonymously modify or destroy every document in that collection, extending beyond the original builder's intended single-document scope. All of this can be achieved with a single HTTP request, bypassing session and CSRF protections.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePatch CVE-2026-54350 immediately:\u003c/strong\u003e Upgrade your Budibase server instances to version 3.39.12 or newer to remediate the vulnerability. Refer to the official Budibase release notes and patching guidance.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeploy the provided Sigma rule:\u003c/strong\u003e Implement the \u003ccode\u003eDetect CVE-2026-54350 Exploitation\u003c/code\u003e Sigma rule in your SIEM to identify attempts at NoSQL operator injection against your Budibase applications.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMonitor webserver logs:\u003c/strong\u003e Specifically look for \u003ccode\u003ePOST\u003c/code\u003e requests to \u003ccode\u003e/api/v2/queries/:queryId\u003c/code\u003e containing JSON body parameters with suspicious injection patterns (e.g., \u003ccode\u003e\u0026quot;,\\\\\\\u0026quot;$exists\\\\\\\u0026quot;:true\u0026quot;\u003c/code\u003e) in \u003ccode\u003ecs-uri-query\u003c/code\u003e or equivalent fields.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAudit public queries:\u003c/strong\u003e Review all \u003ccode\u003ePUBLIC\u003c/code\u003e role-assigned queries in your Budibase applications, especially those interacting with MongoDB, CouchDB, Elasticsearch, DynamoDB-PartiQL, or REST-with-JSON-body datasources, to ensure sensitive data is not inadvertently exposed or modifiable.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-07T02:03:42Z","date_published":"2026-07-03T11:21:33Z","id":"https://feed.craftedsignal.io/briefs/2026-07-budibase-nosql-injection/","summary":"An unauthenticated attacker can exploit CVE-2026-54350, a NoSQL operator injection vulnerability in Budibase server versions prior to 3.39.12, by injecting malicious parameters into public-facing query templates, enabling them to bypass intended query filters, read all documents including sensitive information, and modify all documents within affected collections with a single HTTP request.","title":"Budibase NoSQL Operator Injection (CVE-2026-54350)","url":"https://feed.craftedsignal.io/briefs/2026-07-budibase-nosql-injection/"},{"_cs_actors":[],"_cs_cpes":["cpe:2.3:a:budibase:budibase:*:*:*:*:*:*:*:*"],"_cs_cves":[{"cvss":9.6,"id":"CVE-2026-54352"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Budibase server \u003c 3.39.9","@budibase/server \u003c 3.39.9"],"_cs_severities":["critical"],"_cs_tags":["arbitrary-file-read","web-vulnerability","privilege-escalation","credential-access","symlink","budibase","cloud","saas"],"_cs_type":"advisory","_cs_vendors":["Budibase"],"content_html":"\u003cp\u003eA critical arbitrary file read vulnerability (CVE-2026-54352) affects Budibase server versions up to \u003ccode\u003e3.39.0\u003c/code\u003e (HEAD \u003ccode\u003efeab995\u003c/code\u003e, released 2026-05-20). This flaw allows an authenticated workspace builder to read any file accessible by the server process, including highly sensitive configuration files like \u003ccode\u003e/data/.env\u003c/code\u003e (containing \u003ccode\u003eJWT_SECRET\u003c/code\u003e, \u003ccode\u003eINTERNAL_API_KEY\u003c/code\u003e, and database credentials) and system files such as \u003ccode\u003e/etc/passwd\u003c/code\u003e or \u003ccode\u003e/etc/shadow\u003c/code\u003e. The vulnerability stems from improper handling of symbolic links within uploaded PWA \u003ccode\u003e.zip\u003c/code\u003e files by the \u003ccode\u003eextract-zip@2.0.1\u003c/code\u003e library, coupled with insufficient validation in Budibase's icon processing logic. When exploited, it can lead to credential disclosure, privilege escalation to global administrator, and even cross-tenant exposure in multi-tenant environments. This vulnerability impacts self-hosted Budibase deployments, especially those running the default Docker image where the Node server executes as \u003ccode\u003eroot\u003c/code\u003e.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker gains authenticated access as a workspace builder to a Budibase instance, obtaining necessary cookies and CSRF tokens from \u003ccode\u003eGET /api/global/self\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a \u003ccode\u003e.zip\u003c/code\u003e archive containing a symbolic link, for example, \u003ccode\u003eevil.png\u003c/code\u003e, which targets a sensitive file on the server's filesystem, such as \u003ccode\u003e/data/.env\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe attacker includes an \u003ccode\u003eicons.json\u003c/code\u003e file within the \u003ccode\u003e.zip\u003c/code\u003e that references the created symbolic link, for example, \u003ccode\u003e{\u0026quot;icons\u0026quot;:[{\u0026quot;src\u0026quot;:\u0026quot;evil.png\u0026quot;, ...}]}\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe attacker sends an HTTP POST request to \u003ccode\u003e/api/pwa/process-zip\u003c/code\u003e with the crafted \u003ccode\u003e.zip\u003c/code\u003e file in the request body, using their authenticated session.\u003c/li\u003e\n\u003cli\u003eThe Budibase server, using \u003ccode\u003eextract-zip@2.0.1\u003c/code\u003e, extracts the \u003ccode\u003e.zip\u003c/code\u003e file into a temporary directory, preserving the absolute target of the symbolic link.\u003c/li\u003e\n\u003cli\u003eDuring PWA icon processing, the server's validator (\u003ccode\u003epackages/server/src/api/controllers/static/index.ts:259-268\u003c/code\u003e) resolves the icon path, follows the symbolic link using \u003ccode\u003efs.existsSync\u003c/code\u003e, and then opens the target file using \u003ccode\u003efsp.open\u003c/code\u003e to stream its content.\u003c/li\u003e\n\u003cli\u003eThe content of the sensitive target file (e.g., \u003ccode\u003e/data/.env\u003c/code\u003e) is then streamed into MinIO and made available via a new public URL, typically \u003ccode\u003eGET /api/assets/{appId}/pwa/{uuid}.png\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe attacker retrieves the sensitive file's content by making a GET request to the newly generated PWA asset URL, completing the arbitrary file read.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-54352 leads to the disclosure of critical secrets from the Budibase server's host system. This includes \u003ccode\u003eJWT_SECRET\u003c/code\u003e, \u003ccode\u003eINTERNAL_API_KEY\u003c/code\u003e, \u003ccode\u003eMINIO_ACCESS_KEY\u003c/code\u003e, \u003ccode\u003eMINIO_SECRET_KEY\u003c/code\u003e, \u003ccode\u003eREDIS_PASSWORD\u003c/code\u003e, \u003ccode\u003eCOUCHDB_PASSWORD\u003c/code\u003e, and \u003ccode\u003eDATABASE_URL\u003c/code\u003e from the \u003ccode\u003e/data/.env\u003c/code\u003e file. With the leaked \u003ccode\u003eJWT_SECRET\u003c/code\u003e, an attacker can forge HS256 JWTs, escalating privileges from a workspace builder to a global administrator. This allows for full compromise of the Budibase instance, including potential cross-tenant data access on multi-tenant installations. Furthermore, if the Budibase Docker container runs as \u003ccode\u003eroot\u003c/code\u003e (the default configuration), system files like \u003ccode\u003e/etc/passwd\u003c/code\u003e and \u003ccode\u003e/etc/shadow\u003c/code\u003e are also exposed, providing additional credential harvesting opportunities.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImmediately update Budibase server to version \u003ccode\u003e3.39.9\u003c/code\u003e or newer to patch CVE-2026-54352.\u003c/li\u003e\n\u003cli\u003eRotate all credentials found in \u003ccode\u003e/data/.env\u003c/code\u003e, including \u003ccode\u003eJWT_SECRET\u003c/code\u003e, \u003ccode\u003eINTERNAL_API_KEY\u003c/code\u003e, \u003ccode\u003eMINIO_*\u003c/code\u003e, \u003ccode\u003eREDIS_PASSWORD\u003c/code\u003e, \u003ccode\u003eCOUCHDB_PASSWORD\u003c/code\u003e, and \u003ccode\u003eDATABASE_URL\u003c/code\u003e, especially if using self-hosted Budibase deployments.\u003c/li\u003e\n\u003cli\u003eImplement strong logging and monitoring for attempts to access sensitive file paths mentioned in the IOCs (e.g., \u003ccode\u003e/data/.env\u003c/code\u003e, \u003ccode\u003e/etc/passwd\u003c/code\u003e, \u003ccode\u003e/etc/shadow\u003c/code\u003e) via unexpected application endpoints.\u003c/li\u003e\n\u003cli\u003eEnsure that the Budibase server process does not run with \u003ccode\u003eroot\u003c/code\u003e privileges within its container or host environment, following the principle of least privilege, to limit the blast radius of arbitrary file read vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-03T11:01:14Z","date_published":"2026-07-03T11:01:14Z","id":"https://feed.craftedsignal.io/briefs/2026-07-budibase-arbitrary-file-read/","summary":"A critical vulnerability, CVE-2026-54352, in Budibase server allows an authenticated workspace builder to perform arbitrary file reads on the host system by uploading a crafted PWA zip file containing a symbolic link, leading to credential compromise and privilege escalation, potentially enabling a full global administrator takeover.","title":"Budibase Arbitrary File Read Vulnerability via PWA-zip Symlink Upload (CVE-2026-54352)","url":"https://feed.craftedsignal.io/briefs/2026-07-budibase-arbitrary-file-read/"}],"language":"en","title":"CraftedSignal Threat Feed - Cpe:2.3:a:budibase:budibase:*:*:*:*:*:*:*:*","version":"https://jsonfeed.org/version/1.1"}