<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Cpe:2.3:a:budibase:budibase:*:*:*:*:*:*:*:* - CraftedSignal Threat Feed</title><link>https://feed.craftedsignal.io/cpes/cpe2.3abudibasebudibase/</link><description>Trending threats, MITRE ATT&amp;CK coverage, and detection metadata. Fed continuously.</description><generator>Hugo</generator><language>en</language><managingEditor>hello@craftedsignal.io</managingEditor><webMaster>hello@craftedsignal.io</webMaster><lastBuildDate>Fri, 03 Jul 2026 11:21:33 +0000</lastBuildDate><atom:link href="https://feed.craftedsignal.io/cpes/cpe2.3abudibasebudibase/feed.xml" rel="self" type="application/rss+xml"/><item><title>Budibase NoSQL Operator Injection (CVE-2026-54350)</title><link>https://feed.craftedsignal.io/briefs/2026-07-budibase-nosql-injection/</link><pubDate>Fri, 03 Jul 2026 11:21:33 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-07-budibase-nosql-injection/</guid><description>An unauthenticated attacker can exploit CVE-2026-54350, a NoSQL operator injection vulnerability in Budibase server versions prior to 3.39.12, by injecting malicious parameters into public-facing query templates, enabling them to bypass intended query filters, read all documents including sensitive information, and modify all documents within affected collections with a single HTTP request.</description><content:encoded><![CDATA[<p>A critical NoSQL operator injection vulnerability, tracked as CVE-2026-54350, affects Budibase server versions up to 3.39.0 (and npm package <code>@budibase/server</code> versions <code>&lt; 3.39.12</code>). This flaw stems from improper input validation and handling within the <code>enrichContext</code> and <code>validateQueryInputs</code> functions when processing query templates for MongoDB, CouchDB, Elasticsearch, DynamoDB-PartiQL, or REST-with-JSON-body datasources. An unauthenticated attacker can craft a malicious JSON payload in a parameter value that contains specific JSON metacharacters. When this payload is substituted into a raw JSON query body and subsequently parsed, it can overwrite the intended query logic, such as a <code>{name: &quot;...&quot;}</code> filter being replaced by <code>{name: {$exists: true}}</code>. This allows the attacker to read and modify entire database collections, including sensitive data, using a single HTTP request to a publicly accessible API endpoint, without requiring authentication or bypassing CSRF protections.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li>An attacker identifies a published Budibase application that uses a non-SQL datasource (MongoDB, CouchDB, Elasticsearch, DynamoDB-PartiQL, or REST-with-JSON-body) and has a <code>PUBLIC</code> role assigned to at least one query (e.g., <code>GetUserByName</code>).</li>
<li>The attacker, unauthenticated, sends an HTTP <code>POST</code> request to <code>/api/v2/queries/:queryId</code> for the identified public read query, including an <code>x-budibase-app-id</code> header.</li>
<li>The request body contains a JSON payload with the <code>parameters</code> field where a parameter (e.g., <code>name</code>) is injected with a crafted string like <code>x&quot;,\&quot;name\&quot;:{\&quot;$exists\&quot;:true},\&quot;$comment\&quot;:\&quot;audit&quot;</code>.</li>
<li>Budibase's <code>enrichContext</code> function substitutes this raw parameter value directly into the query's JSON body string without proper JSON-string escaping.</li>
<li>The subsequent <code>JSON.parse</code> operation on the malformed string results in a parsed filter object (e.g., <code>collection.find()</code>) where the attacker's injected <code>$exists:true</code> clause overrides the legitimate filter, effectively widening the scope to return all documents.</li>
<li>The Budibase server returns all documents from the collection, including sensitive fields not intended for public exposure (e.g., <code>password_hash</code>, <code>secret</code>), to the unauthenticated attacker.</li>
<li>If a <code>PUBLIC</code> write query (e.g., <code>updateMany</code>) is available, the attacker can similarly inject a payload to widen the <code>filter</code> scope, causing the <code>updateMany</code> operation to affect all documents in the collection, leading to widespread data modification or destruction.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>Successful exploitation of CVE-2026-54350 allows an unauthenticated visitor to conduct broad data breaches and integrity compromises. This includes the anonymous reading of every document within any MongoDB, CouchDB, Elasticsearch, DynamoDB-PartiQL, or REST-with-JSON-body collection exposed via a <code>PUBLIC</code> query. Attackers can exfiltrate sensitive data such as <code>password_hash</code>, <code>secret</code>, <code>api_token</code>, and <code>mfa_secret</code> from columns not intended to be returned. Furthermore, where a <code>PUBLIC</code> <code>update</code>, <code>delete</code>, or <code>aggregate</code> query exists, attackers can anonymously modify or destroy every document in that collection, extending beyond the original builder's intended single-document scope. All of this can be achieved with a single HTTP request, bypassing session and CSRF protections.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li><strong>Patch CVE-2026-54350 immediately:</strong> Upgrade your Budibase server instances to version 3.39.12 or newer to remediate the vulnerability. Refer to the official Budibase release notes and patching guidance.</li>
<li><strong>Deploy the provided Sigma rule:</strong> Implement the <code>Detect CVE-2026-54350 Exploitation</code> Sigma rule in your SIEM to identify attempts at NoSQL operator injection against your Budibase applications.</li>
<li><strong>Monitor webserver logs:</strong> Specifically look for <code>POST</code> requests to <code>/api/v2/queries/:queryId</code> containing JSON body parameters with suspicious injection patterns (e.g., <code>&quot;,\\\&quot;$exists\\\&quot;:true&quot;</code>) in <code>cs-uri-query</code> or equivalent fields.</li>
<li><strong>Audit public queries:</strong> Review all <code>PUBLIC</code> role-assigned queries in your Budibase applications, especially those interacting with MongoDB, CouchDB, Elasticsearch, DynamoDB-PartiQL, or REST-with-JSON-body datasources, to ensure sensitive data is not inadvertently exposed or modifiable.</li>
</ul>
]]></content:encoded><category domain="severity">critical</category><category domain="type">advisory</category><category>nosql-injection</category><category>web-vulnerability</category><category>budibase</category><category>data-exfiltration</category><category>data-manipulation</category><category>critical-vulnerability</category><category>api-exploitation</category></item><item><title>Budibase Arbitrary File Read Vulnerability via PWA-zip Symlink Upload (CVE-2026-54352)</title><link>https://feed.craftedsignal.io/briefs/2026-07-budibase-arbitrary-file-read/</link><pubDate>Fri, 03 Jul 2026 11:01:14 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-07-budibase-arbitrary-file-read/</guid><description>A critical vulnerability, CVE-2026-54352, in Budibase server allows an authenticated workspace builder to perform arbitrary file reads on the host system by uploading a crafted PWA zip file containing a symbolic link, leading to credential compromise and privilege escalation, potentially enabling a full global administrator takeover.</description><content:encoded><![CDATA[<p>A critical arbitrary file read vulnerability (CVE-2026-54352) affects Budibase server versions up to <code>3.39.0</code> (HEAD <code>feab995</code>, released 2026-05-20). This flaw allows an authenticated workspace builder to read any file accessible by the server process, including highly sensitive configuration files like <code>/data/.env</code> (containing <code>JWT_SECRET</code>, <code>INTERNAL_API_KEY</code>, and database credentials) and system files such as <code>/etc/passwd</code> or <code>/etc/shadow</code>. The vulnerability stems from improper handling of symbolic links within uploaded PWA <code>.zip</code> files by the <code>extract-zip@2.0.1</code> library, coupled with insufficient validation in Budibase's icon processing logic. When exploited, it can lead to credential disclosure, privilege escalation to global administrator, and even cross-tenant exposure in multi-tenant environments. This vulnerability impacts self-hosted Budibase deployments, especially those running the default Docker image where the Node server executes as <code>root</code>.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li>An attacker gains authenticated access as a workspace builder to a Budibase instance, obtaining necessary cookies and CSRF tokens from <code>GET /api/global/self</code>.</li>
<li>The attacker crafts a <code>.zip</code> archive containing a symbolic link, for example, <code>evil.png</code>, which targets a sensitive file on the server's filesystem, such as <code>/data/.env</code>.</li>
<li>The attacker includes an <code>icons.json</code> file within the <code>.zip</code> that references the created symbolic link, for example, <code>{&quot;icons&quot;:[{&quot;src&quot;:&quot;evil.png&quot;, ...}]}</code>.</li>
<li>The attacker sends an HTTP POST request to <code>/api/pwa/process-zip</code> with the crafted <code>.zip</code> file in the request body, using their authenticated session.</li>
<li>The Budibase server, using <code>extract-zip@2.0.1</code>, extracts the <code>.zip</code> file into a temporary directory, preserving the absolute target of the symbolic link.</li>
<li>During PWA icon processing, the server's validator (<code>packages/server/src/api/controllers/static/index.ts:259-268</code>) resolves the icon path, follows the symbolic link using <code>fs.existsSync</code>, and then opens the target file using <code>fsp.open</code> to stream its content.</li>
<li>The content of the sensitive target file (e.g., <code>/data/.env</code>) is then streamed into MinIO and made available via a new public URL, typically <code>GET /api/assets/{appId}/pwa/{uuid}.png</code>.</li>
<li>The attacker retrieves the sensitive file's content by making a GET request to the newly generated PWA asset URL, completing the arbitrary file read.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>Successful exploitation of CVE-2026-54352 leads to the disclosure of critical secrets from the Budibase server's host system. This includes <code>JWT_SECRET</code>, <code>INTERNAL_API_KEY</code>, <code>MINIO_ACCESS_KEY</code>, <code>MINIO_SECRET_KEY</code>, <code>REDIS_PASSWORD</code>, <code>COUCHDB_PASSWORD</code>, and <code>DATABASE_URL</code> from the <code>/data/.env</code> file. With the leaked <code>JWT_SECRET</code>, an attacker can forge HS256 JWTs, escalating privileges from a workspace builder to a global administrator. This allows for full compromise of the Budibase instance, including potential cross-tenant data access on multi-tenant installations. Furthermore, if the Budibase Docker container runs as <code>root</code> (the default configuration), system files like <code>/etc/passwd</code> and <code>/etc/shadow</code> are also exposed, providing additional credential harvesting opportunities.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li>Immediately update Budibase server to version <code>3.39.9</code> or newer to patch CVE-2026-54352.</li>
<li>Rotate all credentials found in <code>/data/.env</code>, including <code>JWT_SECRET</code>, <code>INTERNAL_API_KEY</code>, <code>MINIO_*</code>, <code>REDIS_PASSWORD</code>, <code>COUCHDB_PASSWORD</code>, and <code>DATABASE_URL</code>, especially if using self-hosted Budibase deployments.</li>
<li>Implement strong logging and monitoring for attempts to access sensitive file paths mentioned in the IOCs (e.g., <code>/data/.env</code>, <code>/etc/passwd</code>, <code>/etc/shadow</code>) via unexpected application endpoints.</li>
<li>Ensure that the Budibase server process does not run with <code>root</code> privileges within its container or host environment, following the principle of least privilege, to limit the blast radius of arbitrary file read vulnerabilities.</li>
</ul>
]]></content:encoded><category domain="severity">critical</category><category domain="type">advisory</category><category>arbitrary-file-read</category><category>web-vulnerability</category><category>privilege-escalation</category><category>credential-access</category><category>symlink</category><category>budibase</category><category>cloud</category><category>saas</category></item></channel></rss>