CVE-2026-25045— Budibase Critical Privilege Escalation & IDOR via Missing RBAC on User Role Management (Creator-Role)

EPSS 0.04% · P13 Updated Mar 10, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-25045

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Budibase Critical Privilege Escalation & IDOR via Missing RBAC on User Role Management (Creator-Role)

Source: NVD (National Vulnerability Database)

Vulnerability Description

Budibase is a low code platform for creating internal tools, workflows, and admin panels. This issue is a combination of Vertical Privilege Escalation and IDOR (Insecure Direct Object Reference) due to missing server-side RBAC checks in the /api/global/users endpoints. A Creator-level user, who should have no permissions to manage users or organizational roles, can instead promote an App Viewer to Tenant Admin, demote a Tenant Admin to App Viewer, or modify the Owner’s account details and all orders (e.g., change name). This is because the API accepts these actions without validating the requesting role, a Creator can replay Owner-only requests using their own session tokens. This leads to full tenant compromise.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

授权机制缺失

Source: NVD (National Vulnerability Database)

Vulnerability Title

Budibase 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Budibase是英国Budibase开源的一个用于在几分钟内创建内部应用程序、工作流和管理面板的低代码平台。 Budibase存在安全漏洞，该漏洞源于/api/global/users端点缺少服务器端RBAC检查，可能导致垂直权限提升和不安全的直接对象引用攻击，进而导致租户完全被破解。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Budibase	budibase	<= 3.32.3	-

II. Public POCs for CVE-2026-25045

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-25045

请登录查看更多情报信息。

Same Patch Batch · Budibase · 2026-03-09 · 5 CVEs total

CVE-2026-30240	9.6 CRITICAL	Budibase PWA ZIP Upload Path Traversal Allows Reading Arbitrary Server Files Including All
CVE-2026-31816	9.1 CRITICAL	Budibase Universal Auth Bypass via Webhook Query Param Injection
CVE-2026-25737	8.9 HIGH	Budibase Arbitrary File Upload Leading to Multiple Critical Vulnerabilities (SSRF, Stored
CVE-2026-25041		Budibase has a Command Injection in PostgreSQL Dump Command

IV. Related Vulnerabilities

Same product: budibase

Same vendor: Budibase

Same weakness: CWE-862

V. Comments for CVE-2026-25045

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-25045— Budibase Critical Privilege Escalation & IDOR via Missing RBAC on User Role Management (Creator-Role)

I. Basic Information for CVE-2026-25045

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-25045

III. Intelligence Information for CVE-2026-25045

Same Patch Batch · Budibase · 2026-03-09 · 5 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2026-25045

Leave a comment