logo

Database

Security

Vulnerabilities

Real-time alerts of vulnerabilities across monitored open-source ecosystems.

Ecosystems covered

1

Npm

Total vulnerabilities tracked

21

From global vulnerability databases

Exclude malware
Package @budibase/server

FLAT-ZT7OQ (CVE-2026-54350)

NoSQL injection In @budibase/server

8.1

High

Ecosystem: Npm

Package: @budibase/server

FLAT-N33WO (CVE-2026-54352)

Lack of data validation - Path Traversal In @budibase/server

6.0

Medium

Ecosystem: Npm

Package: @budibase/server

FLAT-92X3H (CVE-2026-54351)

Authentication mechanism absence or evasion In @budibase/server

7.5

High

Ecosystem: Npm

Package: @budibase/server

FLAT-RQHYL (CVE-2026-50137)

Improper authorization control for web services In @budibase/server

6.5

Medium

Ecosystem: Npm

Package: @budibase/server

FLAT-X9K9D (CVE-2026-50136)

Improper authorization control for web services In @budibase/server

7.9

High

Ecosystem: Npm

Package: @budibase/server

FLAT-BMTVV (CVE-2026-50132)

Account Takeover In @budibase/server

5.7

Medium

Ecosystem: Npm

Package: @budibase/server

FLAT-3CNZD (CVE-2026-48153)

Server-side request forgery (SSRF) In @budibase/server

4.2

Medium

Ecosystem: Npm

Package: @budibase/server

FLAT-CPJ0V (CVE-2026-48152)

Authentication mechanism absence or evasion In @budibase/server

4.2

Medium

Ecosystem: Npm

Package: @budibase/server

FLAT-WCPOR (CVE-2026-48151)

Improper authorization control for web services In @budibase/server

7.8

High

Ecosystem: Npm

Package: @budibase/server

FLAT-XY4IU (CVE-2026-48150)

Authentication mechanism absence or evasion In @budibase/server

6.1

Medium

Ecosystem: Npm

Package: @budibase/server

FLAT-NLQ95 (CVE-2026-48148)

Server-side request forgery (SSRF) In @budibase/server

1.3

Low

Ecosystem: Npm

Package: @budibase/server

FLAT-3ZEYA (CVE-2026-48146)

Server-side request forgery (SSRF) In @budibase/server

4.1

Medium

Ecosystem: Npm

Package: @budibase/server

FLAT-KZQEQ (CVE-2026-45719)

Lack of data validation In @budibase/server

5.7

Medium

Ecosystem: Npm

Package: @budibase/server

FLAT-60CD7 (CVE-2026-45717)

Improper authorization control for web services In @budibase/server

7.7

High

Ecosystem: Npm

Package: @budibase/server

FLAT-V4K8W (CVE-2026-45715)

Server-side request forgery (SSRF) In @budibase/server

7.5

High

Ecosystem: Npm

Package: @budibase/server

FLAT-YHNCO (CVE-2026-45548)

Server-side request forgery (SSRF) In @budibase/server

5.8

Medium

Ecosystem: Npm

Package: @budibase/server

FLAT-1Y1R3 (CVE-2026-35216)

Remote command execution In @budibase/server

8.4

High

Ecosystem: Npm

Package: @budibase/server

FLAT-IZME6 (CVE-2026-35214)

Lack of data validation - Path Traversal In @budibase/server

5.7

Medium

Ecosystem: Npm

Package: @budibase/server

FLAT-MV03G (CVE-2026-25044)

OS Command Injection In @budibase/server

6.3

Medium

Ecosystem: Npm

Package: @budibase/server

FLAT-OZHQU (CVE-2026-25041)

Server side template injection In @budibase/server

6.1

Medium

Ecosystem: Npm

Package: @budibase/server

FLAT-L89Y8 (GHSA-4g2x-vq5p-5vj6)

Server side template injection In @budibase/server

8.1

High

Ecosystem: Npm

Package: @budibase/server