GHSA-8qv3-p479-cj62

Critical

GHSA-8qv3-p479-cj62

(CVE-2026-54350)

Published Jun 23, 2026

CVSS

10.0

CRITICAL

EPSS

Exploit Prediction Scoring System — the modeled probability of in-the-wild exploitation in the next 30 days.

—

Affected packages

Summary

Budibase has nonymous NoSQL operator injection via published-app query templates

Developer impact

Recommended action

Affected packages

Sources