CVE-2026-48149 | budibase up to 3.38.x MarkdownViewer.svelte cross site scripting (GHSA-57p7-9h9w-xqpw)

Inserito da Angelo Barbosa | Mag 27, 2026 | CVE

A vulnerability has been found in budibase up to 3.38.x and classified as problematic. This affects an unknown function of the file packages/bbui/src/Markdown/MarkdownViewer.svelte. Performing a manipulation results in cross site scripting.

This vulnerability is known as CVE-2026-48149. Remote exploitation of the attack is possible. No exploit is available.

The affected component should be upgraded.

CVE-2026-48149 | budibase up to 3.38.x MarkdownViewer.svelte cross site scripting (GHSA-57p7-9h9w-xqpw)

Post correlati

CVE-2024-46548 | Kasa Tapo P125M/Kasa KP125M 1.0.3 certificate validation

CVE-2025-43495 | Apple iOS/iPadOS up to 26.0 App permission

CVE-2026-25315 | hCaptcha for WP Plugin up to 4.22.0 on WordPress authorization

CVE-2026-5987 | Sanluan PublicCMS up to 6.202506.d FreeMarker Template AbstractFreemarkerView.java AbstractFreemarkerView.doRender special elements used in a template engine (Issue 113)