CVE-2026-54352: Budibase: Arbitrary file read by workspace-builder via PWA-zip symlink upload
Budibase is an open-source low-code platform. Prior to 3.39.9, `POST /api/pwa/process-zip` at packages/server/src/api/routes/static.ts:24 accepts a builder-uploaded .zip, extracts it with extract-zip@2.0.1 into a temp directory, then for each entry listed in icons.json validates the icon path, opens it, and streams the bytes into MinIO. The resulting object is served back via GET /api/assets/{appId}/pwa/{uuid}.png. extract-zip@2.0.1 preserves absolute symlink targets when restoring symlink entries. The icon-source validator at packages/server/src/api/controllers/static/index.ts:259-268 resolves the icon source string against baseDir (path.resolve), checks resolvedSrc.startsWith(baseDir + path.sep) against that string, and calls fs.existsSync(resolvedSrc) which follows symbolic links to confirm the target exists. None of the three calls reject symbolic-link entries. packages/backend-core/src/objectStore/objectStore.ts:302 then calls (await fsp.open(path)).createReadStream() on the resolved path. fsp.open follows the symlink, the target file's bytes stream into MinIO, and the response of the asset-fetch endpoint returns those bytes verbatim. Result: a workspace-level builder reads any file the server process can open. This vulnerability is fixed in 3.39.9.
Metrics
- CVSS v3.1
- 9.6
- Severity
- CRITICAL
- Fixed in
- 3.39.9
- Affected Products
- 1
HarborGuard Analysis
Synopsis
An arbitrary file read vulnerability exists in Budibase, an open-source low-code platform, affecting versions before 3.39.9. The flaw is reachable over the network by any authenticated workspace-level builder account: a crafted ZIP file containing a symlink entry is uploaded to the PWA-processing endpoint, the server follows the symlink when streaming the icon file into object storage, and the asset-fetch endpoint then returns the target file's raw bytes to the requester. Successful exploitation lets an attacker read any file the server process has permission to open, including secrets, credentials, and application data. Upstream fixed this in Budibase 3.39.9; HarborGuard tracks the advisory and will make a patched-image rebuild available as soon as that fix version is picked up from upstream.
HarborGuard Coverage
- Detection: Available
Detection for CVE-2026-54352 is available across every HarborGuard environment: the CVE is ingested from upstream advisory feeds within minutes of publication and matched against all customer images in connected registries and CI pipelines, including custom-built Budibase images. Both official and internally derived images running affected versions of Budibase are covered.
- Scoring and routing: Available
HarborGuard scores this finding at CVSS 9.6 Critical and weights it against each environment's compliance policy to determine urgency and routing. Findings are surfaced to the appropriate team inbox within each customer org based on configured ownership rules.
- Patched-image rebuild: Pending upstream
The upstream advisory names Budibase 3.39.9 as the fixed version. HarborGuard re-checks the advisory each ingest cycle and will make a patched-image rebuild available automatically as soon as that fix version is picked up from upstream. For customers with auto-remediation enabled, the rebuild, regression-test run, and PR against affected workloads will be triggered without additional manual steps at that point.
Exploit Conditions
- Network reachability: Required
The vulnerable endpoint is exposed over the network; an attacker must be able to reach the Budibase server's HTTP API to deliver the malicious ZIP.
- Authentication: Required
A low-privilege workspace-builder account is sufficient; no administrative access is needed, but the attacker must hold a valid authenticated session.
- Victim interaction: Not required
No victim interaction is required; the attacker sends the crafted request directly and receives the file contents in the response.
- Attack complexity: Low
Attack complexity is low; the exploit is straightforward and reliable, requiring no race conditions, special memory layout, or environmental preconditions beyond a builder account.
Blast Radius
- Reads any file the server process can open, including environment variable files, private keys, and application secrets stored on the container filesystem.
- Exfiltrates files streamed verbatim through the MinIO object store and served back by the asset-fetch endpoint (GET /api/assets/{appId}/pwa/{uuid}.png), so the read bypasses any in-app access control on the original file.
- Exposes database credentials, session signing keys, or cloud provider tokens if those are present on the filesystem, enabling lateral movement to other services.
How HarborGuard Handles This
Available on HarborGuard: the upstream fix is Budibase 3.39.9. HarborGuard monitors the advisory each ingest cycle and will surface a patched-image rebuild automatically as soon as that version (or a later fix) is picked up from upstream; for customers with auto-remediation enabled, the rebuild, regression-test run, and PR against affected workloads will trigger without manual intervention. HarborGuard will re-score and re-route the finding automatically if the upstream severity is revised.
Until the upgrade to 3.39.9 lands, the compensating controls worth considering are the ones that shrink who can reach the endpoint and what a successful read can return: restricting network-policy ingress to the Budibase server API so that only trusted internal clients can reach the PWA zip upload endpoint; auditing which accounts hold workspace-builder roles to minimize the number of identities that could deliver a malicious payload; and running the server process as an unprivileged user with secrets mounted only where it needs them, since the read is bounded by what that process can open. Egress filtering on the Budibase container does not help here: the file contents come back in the asset-fetch response over the same inbound HTTP connection, not through an outbound one.
Affected Products
- Budibase / budibase: < 3.39.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N