CVE-2026-54352
CriticalCVSS 9.6Exploitation Probability (EPSS)
Low risk39th percentile — higher than 39% of all known CVEs
Summary
Budibase before version 3.39.9 contains a vulnerability due to improper validation of symbolic links during ZIP file processing. A builder-level attacker can inject a symbolic link pointing to any file on the system, which will be read and uploaded to MinIO, then served via the API.
Risk Assessment
The risk is that an attacker with builder privileges can read arbitrary server files, potentially leaking sensitive data such as configurations, keys, or user data.
Recommendation
Upgrade Budibase to version 3.39.9 or later immediately. If upgrading is not possible, restrict access to the /api/pwa/process-zip endpoint to trusted users only.
Original NVD description (English source)
Budibase is an open-source low-code platform. Prior to 3.39.9, `POST /api/pwa/process-zip` at packages/server/src/api/routes/static.ts:24 accepts a builder-uploaded .zip, extracts it with [email protected] into a temp directory, then for each entry listed in icons.json validates the icon path, opens it, and streams the bytes into MinIO. The resulting object is served back via GET /api/assets/{appId}/pwa/{uuid}.png. [email protected] preserves absolute symlink targets when restoring symlink entries. The icon-source validator at packages/server/src/api/controllers/static/index.ts:259-268 resolves the icon source string against baseDir (path.resolve), checks resolvedSrc.startsWith(baseDir + path.sep) against that string, and calls fs.existsSync(resolvedSrc) which follows symbolic links to confirm the target exists. None of the three calls reject symbolic-link entries. packages/backend-core/src/objectStore/objectStore.ts:302 then calls (await fsp.open(path)).createReadStream() on the resolved path. fsp.open follows the symlink, the target file's bytes stream into MinIO, and the response of the asset-fetch endpoint returns those bytes verbatim. Result: a workspace-level builder reads any file the server process can open. This vulnerability is fixed in 3.39.9.

