HIGH | CVE-2026-45548 | CNA: GitHub_M

CVE-2026-45548: Budibase: SSRF in AI Extract File Automation Step via Missing IP Blacklist Validation

Budibase is an open-source low-code platform. Prior to 3.34.8, the processUrlFile function in packages/server/src/automations/steps/ai/extract.ts uses fetch(fileUrl) directly without the IP blacklist validation that is consistently applied to all other automation steps. This allows an authenticated user to trigger server-side requests to internal network addresses. This vulnerability is fixed in 3.34.8.

HarborGuard Analysis

Synopsis

This is a server-side request forgery (SSRF) vulnerability in Budibase, an open-source low-code platform. An authenticated user can supply a crafted URL to the AI Extract File automation step, causing the server to make HTTP requests to internal network addresses that would normally be blocked by Budibase's IP blacklist validation. Successful exploitation gives the attacker read access to internal services and metadata endpoints reachable from the Budibase server. Although the description references a fix in version 3.34.8, no fix version has been formally published yet; HarborGuard is tracking the advisory for patch availability.
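As an added example (not Budibase's own code and not the fix shipped in 3.34.8), this is the kind of destination check the advisory says processUrlFile lacked: the caller resolves the URL's hostname, then passes the resolved address in, so the check applies to the address that will actually be contacted rather than to the name alone. The function names and the blocked-range list are this example's own choices.

```typescript
// Example code, not from the Budibase project. Ranges a server-side fetch should
// never reach (the metadata address 169.254.169.254 falls in 169.254.0.0/16).
const BLOCKED_V4: Array<[string, number]> = [
  ["0.0.0.0", 8], ["10.0.0.0", 8], ["127.0.0.0", 8],
  ["169.254.0.0", 16], ["172.16.0.0", 12], ["192.168.0.0", 16],
];

// Dotted-quad string to a 32-bit number, or null if not a valid IPv4 literal.
function ipv4ToInt(ip: string): number | null {
  const parts = ip.split(".");
  if (parts.length !== 4) return null;
  let n = 0;
  for (const p of parts) {
    if (!/^\d{1,3}$/.test(p) || Number(p) > 255) return null;
    n = n * 256 + Number(p);
  }
  return n;
}

function isBlockedAddress(ip: string): boolean {
  // IPv4-mapped IPv6 (::ffff:10.0.0.1) is judged as its IPv4 form.
  const mapped = ip.match(/^::ffff:(\d+\.\d+\.\d+\.\d+)$/i);
  if (mapped) return isBlockedAddress(mapped[1]);
  const v4 = ipv4ToInt(ip);
  if (v4 !== null) {
    return BLOCKED_V4.some(([base, bits]) => {
      const mask = (~0 << (32 - bits)) >>> 0;
      return ((v4 & mask) >>> 0) === ((ipv4ToInt(base)! & mask) >>> 0);
    });
  }
  const v6 = ip.toLowerCase();
  if (!v6.includes(":")) return false; // a hostname, not an address: nothing to judge yet
  // ::1 loopback, fc00::/7 unique-local (covers fd00:ec2::254), fe80::/10 link-local
  return v6 === "::1" || /^f[cd]/.test(v6) || /^fe[89ab]/.test(v6);
}

// True only for an http(s) URL whose literal host (if any) and resolved address
// are both outside the blocked ranges. Connect to resolvedIp afterwards, not to
// the name again, or a second lookup could return a different address.
function isSafeTarget(fileUrl: string, resolvedIp: string): boolean {
  let u: URL | null = null;
  try { u = new URL(fileUrl); } catch { /* malformed URL */ }
  if (!u || (u.protocol !== "http:" && u.protocol !== "https:")) return false;
  const literal = u.hostname.replace(/^\[|\]$/g, ""); // IPv6 literals are bracketed
  return !isBlockedAddress(literal) && !isBlockedAddress(resolvedIp);
}
```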

HarborGuard Coverage

Detection: Available

Detection of CVE-2026-45548 is available across every HarborGuard environment: the CVE is ingested from upstream advisory feeds within minutes of publication and matched against all customer images, including custom-built images that bundle the Budibase server package, in both registry scans and CI pipeline checks.

Triage: Available

HarborGuard scores this finding at CVSS 7.7 HIGH using the recorded vector and weights it against each environment's compliance policy to determine urgency and routing. Triage tickets are surfaced to the inbox or ticketing integration configured for the affected workload's owner within each customer organization.

Patch: Pending upstream

Because no fix version has been formally published, HarborGuard re-checks the Budibase advisory each ingest cycle and will make a patched-image rebuild available the moment an upstream release is confirmed. For customers with auto-remediation enabled, the rebuild, regression run, and PR against affected workloads will trigger automatically once that version is available.

Exploit Conditions

  • Network reachability: Required

    The vulnerable endpoint is exposed over the network; an attacker must be able to reach the Budibase server instance via HTTP or HTTPS to submit the malicious URL.

  • Authentication: Required

    The attacker must hold a valid Budibase user account; any low-privilege authenticated user is sufficient to trigger the affected automation step.

  • Victim interaction: Not required

    No victim interaction is needed; the attacker submits the crafted request directly and the server-side fetch executes immediately.

  • Attack complexity: Low

    Attack complexity is low, meaning the exploit is reliable and requires no special timing, race conditions, or environmental preconditions beyond having a valid session.

Blast Radius

  • Reads responses from internal HTTP services reachable from the Budibase server, such as database APIs, microservices, or cloud-provider metadata endpoints.
  • Reads cloud instance metadata (for example, AWS IMDSv1 at 169.254.169.254) which can expose temporary credentials and instance configuration details.
  • Confidentiality impact is rated High; no integrity or availability impact is indicated, so data is disclosed but not modified or destroyed.

How HarborGuard Handles This

Available on HarborGuard: images containing Budibase server packages are scanned for CVE-2026-45548 on every registry push and scheduled pipeline run. Because no upstream fix version has been formally published yet, HarborGuard will continue polling the Budibase advisory each ingest cycle. The moment a patched release is confirmed, a rebuilt image becomes available for affected environments. For customers with auto-remediation enabled, that rebuild triggers a regression test run and a PR opened against affected workloads automatically. In the interim, compensating controls worth considering include network-policy rules that block egress from the Budibase server pod to RFC-1918 address ranges and cloud metadata IP ranges (169.254.169.254, fd00:ec2::254), and disabling the AI Extract File automation step via feature-flag or role-based access controls if it is not actively needed.

Metrics

  • CVSS v3.1: 7.7
  • Severity: HIGH
  • Fixed in:
  • Affected Products: 1
  • Affected packages: Budibase / budibase < 3.34.8
  • CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N