CVE-2026-41428 | budibase up to 3.35.3 Query Parameter status improper authentication

Inserito da Angelo Barbosa | Apr 24, 2026 | CVE

A vulnerability classified as critical was found in budibase up to 3.35.3. This affects an unknown part of the file /api/global/users/search?x=/api/system/status of the component Query Parameter Handler. Executing a manipulation can lead to improper authentication.

This vulnerability appears as CVE-2026-41428. The attack may be performed from remote. There is no available exploit.

Upgrading the affected component is advised.

CVE-2026-41428 | budibase up to 3.35.3 Query Parameter status improper authentication

Post correlati

CVE-2024-6539 | heyewei SpringBootCMS up to 2024-05-28 Guestbook /guestbook Content cross site scripting (IA9D7F)

CVE-2024-2664 | Premium Addons for Elementor Plugin up to 4.10.24 on WordPress cross site scripting

CVE-2025-3945 | Tridium Niagara Framework/Niagara Enterprise Security up to 4.10.10/4.14.1/4.15.0 of argument injection

CVE-2025-9044 | Mapster WP Maps Plugin up to 1.20.0 on WordPress cross site scripting