CVE-2026-35214 | budibase up to 3.33.3 Plugin File Upload Endpoint /api/plugin/upload createTempFolder path traversal

Inserito da Angelo Barbosa | Apr 3, 2026 | CVE

A vulnerability classified as critical was found in budibase up to 3.33.3. Affected by this issue is the function createTempFolder of the file /api/plugin/upload of the component Plugin File Upload Endpoint. Executing a manipulation can lead to path traversal.

This vulnerability is registered as CVE-2026-35214. It is possible to launch the attack remotely. No exploit is available.

Upgrading the affected component is advised.

CVE-2026-35214 | budibase up to 3.33.3 Plugin File Upload Endpoint /api/plugin/upload createTempFolder path traversal

Post correlati

CVE-2025-22557 | WPMagic News Publisher Autopilot Plugin up to 2.1.4 on WordPress cross-site request forgery

CVE-2024-42269 | Linux Kernel up to 6.1.103/6.6.44/6.10.3 iptables ip6table_nat_table_init null pointer dereference

CVE-2024-0738 | 个人开源 mldong 1.0 DecisionModel.java ExpressionEngine code injection

CVE-2023-24333 | Tenda AC21 16.03.08.15_cn_TDC01 POST Request /goform/openSchedWifi stack-based overflow