CVE-2026-46424 | budibase up to 3.38.1 Public API unassign privileges management

A vulnerability labeled as critical has been found in budibase up to 3.38.1. This impacts an unknown function of the file /api/public/v1/roles/unassign of the component Public API. The manipulation results in improper privilege management.

This vulnerability is cataloged as CVE-2026-46424. The attack may be launched remotely. There is no exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More