CVE-2026-46427
BaseFortify
Publication date: 2026-05-27
Last updated on: 2026-05-27
Assigner: GitHub, Inc.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| budibase | budibase | versions before 3.38.3 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Budibase, an open-source low-code platform, prior to version 3.38.3. The issue is that the function removeSecrets only masks datasource configuration fields typed as PASSWORD, but it does not mask fields typed as SENSITIVE_LONGFORM. Specifically, the Snowflake integration's privateKey field is typed as SENSITIVE_LONGFORM, so it is not masked by the filter.
As a result, an authenticated BASIC user with any app role can call the GET /api/datasources/:datasourceId endpoint, which is supposed to be protected by certain permissions, and receive the full Snowflake private key (PEM) in plaintext.
This vulnerability was fixed in Budibase version 3.38.3.
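The masking defect described above, as an added illustration that is not Budibase's own code: the field-type names PASSWORD and SENSITIVE_LONGFORM come from the advisory, while the datasource shape, the schema objects and the function names are assumed for the example.

```typescript
// Field-type names PASSWORD and SENSITIVE_LONGFORM come from the advisory; the
// datasource shape, the schema objects and the function names are assumptions
// for illustration, not Budibase's own code.
type FieldType = "STRING" | "PASSWORD" | "SENSITIVE_LONGFORM";
type ConfigSchema = Record<string, { type: FieldType }>;
interface Datasource {
  source: string;
  config: Record<string, unknown>;
}
const MASK = "--secret-value--";

// Shared masking loop: replaces every config field whose schema type is in `secretTypes`.
function maskFields(ds: Datasource, schema: ConfigSchema, secretTypes: ReadonlySet<FieldType>): Datasource {
  const config = { ...ds.config };
  for (const [field, def] of Object.entries(schema)) {
    if (secretTypes.has(def.type) && field in config) {
      config[field] = MASK;
    }
  }
  return { ...ds, config };
}

// Vulnerable behaviour: only PASSWORD-typed fields are masked, so a field typed
// SENSITIVE_LONGFORM (such as a PEM private key) is returned verbatim.
function removeSecretsVulnerable(ds: Datasource, schema: ConfigSchema): Datasource {
  return maskFields(ds, schema, new Set<FieldType>(["PASSWORD"]));
}

// Hardened behaviour: every secret-bearing field type is masked.
function removeSecretsFixed(ds: Datasource, schema: ConfigSchema): Datasource {
  return maskFields(ds, schema, new Set<FieldType>(["PASSWORD", "SENSITIVE_LONGFORM"]));
}

// Constructed Snowflake-like schema and datasource with dummy values (not real credentials).
const snowflakeSchema: ConfigSchema = {
  account: { type: "STRING" },
  password: { type: "PASSWORD" },
  privateKey: { type: "SENSITIVE_LONGFORM" },
};
const sampleDatasource: Datasource = {
  source: "SNOWFLAKE",
  config: {
    account: "example-account",
    password: "dummy-password",
    privateKey: "-----BEGIN PRIVATE KEY-----\nDUMMY\n-----END PRIVATE KEY-----",
  },
};
```

A regression test for this class of bug compares the masked response against the stored config field by field and fails on any secret-typed field that survives unchanged.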
How can this vulnerability impact me?
This vulnerability can lead to unauthorized disclosure of sensitive credentials, specifically the Snowflake private key used for integration. An attacker with basic authentication and any app role can retrieve this private key in plaintext.
Exposure of the private key can allow attackers to impersonate the legitimate user or system, potentially gaining unauthorized access to Snowflake data sources, leading to data breaches or unauthorized data manipulation.
The CVSS base score of 7.7 indicates a high severity impact, with confidentiality being highly affected.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, upgrade Budibase to version 3.38.3 or later, where the removeSecrets function has been fixed to mask sensitive fields properly.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This vulnerability allows authenticated BASIC users to retrieve unmasked Snowflake private keys in plaintext, potentially leading to unauthorized access to sensitive data stored in Snowflake analytics warehouses.
Such unauthorized access to sensitive data could result in violations of data protection regulations and standards like GDPR and HIPAA, which mandate strict controls over access to confidential information and require protection of sensitive data.
Therefore, exploitation of this vulnerability could compromise compliance with these regulations by exposing sensitive credentials and data to unauthorized parties.