Platform
nodejs
Component
budibase
Fixed in
3.30.5
3.30.4
CVE-2026-27702 represents a critical Remote Code Execution (RCE) vulnerability discovered in Budibase Cloud. This flaw allows authenticated users, including those on free tier accounts, to execute arbitrary JavaScript code on the server, potentially leading to complete system compromise. The vulnerability specifically impacts Budibase Cloud (SaaS) deployments; self-hosted instances are not affected. A fix is available in version 3.30.4.
The impact of CVE-2026-27702 is severe because it allows complete server takeover. An attacker exploiting this vulnerability could execute arbitrary code within the Budibase Cloud environment, gaining access to sensitive data, modifying application configurations, and potentially pivoting to other systems within the network. The app-service pod, where this vulnerability resides, has access to a wide range of resources, which significantly expands the attack surface. The underlying risk is the classic one of unchecked user input reaching a code-execution sink, as when unsanitized data is passed to JavaScript's eval().
CVE-2026-27702 was publicly disclosed on 2026-02-25. The vulnerability's ease of exploitation and the high potential impact suggest a medium probability of exploitation (EPSS score likely medium). Public proof-of-concept (PoC) code is anticipated to emerge, further increasing the risk. No active exploitation campaigns have been confirmed at the time of this writing, but the vulnerability has been added to the CISA KEV catalog.
Budibase Cloud users, particularly those on free tier accounts, are at immediate risk. Organizations relying on Budibase Cloud for critical applications or storing sensitive data are especially vulnerable. Shared hosting environments utilizing Budibase Cloud may also be at increased risk due to potential cross-tenant exploitation.
• nodejs / server: Monitor Budibase Cloud logs for unusual JavaScript execution patterns or errors related to view filtering; for example, filter journalctl output for errors containing 'eval' or 'inMemoryView.ts'.
• generic web: Inspect Budibase Cloud application logs for suspicious requests targeting view endpoints. Use curl to test view endpoints with potentially malicious map functions and observe the response for unexpected behavior.
• database (mongodb): While the vulnerability isn't directly in MongoDB, monitor MongoDB logs for unusual activity originating from the Budibase Cloud application pods.
Disclosure
Exploit status
EPSS
0.07% (22nd percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2026-27702 is to immediately upgrade Budibase Cloud to version 3.30.4 or later. For those unable to upgrade immediately, consider implementing stricter access controls to limit the number of authenticated users with potential access to view filtering functionality. While a direct WAF rule is difficult to implement due to the nature of the vulnerability, monitoring for unusual JavaScript execution patterns within the Budibase Cloud environment can provide early detection. After upgrading, verify the fix by attempting to create a view with a malicious map function and confirming that it is properly sanitized and does not result in code execution.
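As an added example (not Budibase's own code and not part of the advisory), the JavaScript below packages the two defensive checks this page describes: a version comparison against the fixed release 3.30.4, and a log-line triage that flags entries mentioning the indicators named in the detection bullets ('eval', 'inMemoryView.ts', view filtering). The log format and the sample lines are constructed for illustration and are not real Budibase output.

```javascript
// Added example, not Budibase code: triage helpers for CVE-2026-27702.
// The fixed version and indicator strings come from the advisory text;
// the log line format below is constructed for illustration only.

const FIXED_VERSION = "3.30.4";

// Compare dotted numeric versions: negative if a < b, 0 if equal, positive if a > b.
function compareVersions(a, b) {
  const pa = a.split(".").map(Number);
  const pb = b.split(".").map(Number);
  for (let i = 0; i < Math.max(pa.length, pb.length); i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return d;
  }
  return 0;
}

// True when a Budibase Cloud build is older than the first fixed release.
function isVulnerableVersion(version) {
  return compareVersions(version, FIXED_VERSION) < 0;
}

// Indicators taken from the advisory's detection guidance.
const INDICATORS = [/\beval\b/i, /inMemoryView\.ts/, /view filter/i];

// Return the log lines that mention any indicator so an analyst can review
// them; this is triage for follow-up, not proof of exploitation.
function flagSuspiciousLogLines(lines) {
  return lines.filter((line) => INDICATORS.some((re) => re.test(line)));
}

// Constructed sample log lines (not real Budibase output).
const SAMPLE_LOGS = [
  "2026-02-25T10:00:01Z app-service INFO request GET /api/views/v1 200",
  "2026-02-25T10:00:02Z app-service ERROR SyntaxError in eval at inMemoryView.ts:42",
  "2026-02-25T10:00:03Z app-service INFO user login ok",
  "2026-02-25T10:00:04Z app-service WARN view filter map function rejected",
];

console.log("3.30.3 vulnerable:", isVulnerableVersion("3.30.3")); // true
console.log("3.30.4 vulnerable:", isVulnerableVersion("3.30.4")); // false
console.log(flagSuspiciousLogLines(SAMPLE_LOGS)); // the ERROR and WARN lines
```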
Update Budibase Cloud to version 3.30.4 or later. This version includes a fix for the remote code execution vulnerability. The update removes the risk of authenticated users executing arbitrary JavaScript code on the server.
CVE-2026-27702 is a critical Remote Code Execution vulnerability in Budibase Cloud allowing authenticated users to execute arbitrary JavaScript code on the server. It affects versions before 3.30.4.
If you are using Budibase Cloud (SaaS) and have not upgraded to version 3.30.4 or later, you are vulnerable. Self-hosted Budibase deployments are not affected.
Upgrade Budibase Cloud to version 3.30.4 or later. Consider implementing stricter access controls as a temporary mitigation.
No active exploitation campaigns have been confirmed, but the vulnerability's severity and ease of exploitation suggest a potential risk.
Refer to the official Budibase security advisory on their website for detailed information and updates: [https://budibase.com/security/advisories](https://budibase.com/security/advisories)