CVE-2026-31816
CRITICALCVSS v3
9.1
CRITICAL
EPSS Score
15.9%
exploit probability
CISA KEV
No
known exploited
Exploitation
—
SSVC status
Description
Budibase is a low code platform for creating internal tools, workflows, and admin panels. In 3.31.4 and earlier, the Budibase server's authorized() middleware that protects every server-side API endpoint can be completely bypassed by appending a webhook path pattern to the query string of any request. The isWebhookEndpoint() function uses an unanchored regex that tests against ctx.request.url, which in Koa includes the full URL with query parameters. When the regex matches, the authorized() midd
Technical Details
- CVSS v3 Vector
- 3.1
- Published
- 3/9/2026
- Last Modified
- 3/13/2026
Frequently Asked Questions
What is CVE-2026-31816?
Budibase is a low code platform for creating internal tools, workflows, and admin panels. In 3.31.4 and earlier, the Budibase server's authorized() middleware that protects every server-side API endpoint can be completely bypassed by appending a webhook path pattern to the query string of any request. The isWebhookEndpoint() function uses an unanchored regex that tests against ctx.request.url, which in Koa includes the full URL with query parameters. When the regex matches, the authorized() midd
Is CVE-2026-31816 actively exploited?
Active exploitation of CVE-2026-31816 has not been confirmed. The EPSS score is 15.9%, indicating the estimated probability of exploitation in the next 30 days.
What is the CVSS score for CVE-2026-31816?
CVE-2026-31816 has a CVSS v3 base score of 9.1 (CRITICAL severity), with vector string 3.1.
Is CVE-2026-31816 affecting your environment?
Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.