Severity by source
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Lifecycle Timeline
2DescriptionGitHub Advisory
Budibase is an open-source low-code platform. Prior to 3.39.0, the OAuth2 token fetch function in packages/server/src/sdk/workspace/oauth2/utils.ts uses raw fetch(config.url) with no SSRF protection. The safe wrapper fetchWithBlacklist() exists in the same codebase and is used in every other outbound HTTP call (automation steps, plugin downloads, object store), but was not applied to the OAuth2 token endpoint. A user with BUILDER role can point the OAuth2 token URL to internal services (CouchDB, cloud metadata) to exfiltrate sensitive data. This vulnerability is fixed in 3.39.0.
AnalysisAI
Server-side request forgery in Budibase before 3.39.0 lets an authenticated user with the BUILDER role coerce the platform into making attacker-controlled outbound requests by setting a malicious OAuth2 token endpoint URL. Because the token fetch path bypassed the codebase's existing SSRF-blocking HTTP wrapper, responses from internal-only services such as the CouchDB database or cloud instance metadata endpoints can be exfiltrated. No public exploit identified at time of analysis, but the flaw is straightforward to trigger and EPSS/KEV signals were not supplied.
Technical ContextAI
Budibase is an open-source low-code application platform whose server component (packages/server) issues many outbound HTTP calls. To defend against SSRF the project ships a fetchWithBlacklist() helper that blocks requests to internal/reserved address ranges, and it is consistently used for automation steps, plugin downloads, and object-store traffic. The OAuth2 token retrieval logic in packages/server/src/sdk/workspace/oauth2/utils.ts instead called raw fetch(config.url) with no such filtering, leaving a single un-guarded egress path. This is a textbook CWE-918 (Server-Side Request Forgery): user-influenced input flows into a server-side request without validation of the destination, and the changed scope (S:C in the CVSS vector) reflects that impact crosses from the application into adjacent backend infrastructure such as CouchDB and the cloud metadata service (e.g. 169.254.169.254).
RemediationAI
Upgrade to Budibase 3.39.0 or later, which applies the existing fetchWithBlacklist() SSRF guard to the OAuth2 token endpoint (Vendor-released patch: 3.39.0); this is the primary and complete fix. Until the upgrade can be deployed, restrict who holds the BUILDER role to a minimal set of fully trusted operators, since that role is the precondition for exploitation. As compensating network controls, apply egress restrictions so the Budibase server cannot reach the cloud metadata endpoint (block outbound traffic to 169.254.169.254) and cannot directly reach the internal CouchDB port, and on cloud hosts enforce IMDSv2 to blunt metadata theft - be aware that egress filtering may break legitimate OAuth2 integrations to external identity providers, so allowlist only the required endpoints. Refer to the vendor advisory for fix details: https://github.com/Budibase/budibase/security/advisories/GHSA-g6qx-g4pr-92v7.
Same weakness CWE-918 – Server-Side Request Forgery (SSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-32593
GHSA-g6qx-g4pr-92v7