VULNRABLE / Vulnerability / CVE-2026-48150
CVE-2026-48150
CRITICAL @budibase/server GHSA
CVSS Score
9.5
Severity
CRITICAL
EPSS
0%
Source
GHSA
Summary
Budibase: Workspace-scoped builder escalates to global admin via /api/public/v1/roles/assign
What this means
CVE-2026-48150 is a critical-severity vulnerability affecting @budibase/server, rated CVSS 9.5. The EPSS model estimates a 0% probability of exploitation in the next 30 days. Published June 12, 2026.
View full advisory at GHSA →