GHSA-gfq7-5x4g-3xhf: @budibase/backend-core has potential SSRF DNS rebinding bypass in outbound fetch validation
Summary
Budibase has a DNS rebinding vulnerability (a type of attack where DNS lookups return different IP addresses at different times) in its SSRF protection. The software checks if a hostname is safe by looking up its IP address and checking a blacklist, but then performs a separate DNS lookup when actually connecting. An attacker controlling DNS can return a public IP during the safety check and a private/internal IP during the actual connection, allowing them to access internal services like localhost or cloud metadata endpoints.
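The check-then-connect gap described above, next to a resolve-once-and-pin variant, as an added example that is not Budibase's code. The function names, the `rebind.example` host, the simulated resolver and its addresses are all constructed for illustration, and the blocklist covers IPv4 only.

```javascript
// Constructed resolver simulating rebinding: the first lookup of a name
// returns a public (TEST-NET-3) address, every later lookup returns loopback.
function makeRebindingResolver() {
  const seen = new Map();
  return async (host) => {
    const n = (seen.get(host) || 0) + 1;
    seen.set(host, n);
    return n === 1 ? "203.0.113.10" : "127.0.0.1";
  };
}

// IPv4 blocklist: 0.0.0.0/8, loopback, RFC 1918, link-local (cloud metadata).
// Anything that does not parse as dotted-quad IPv4 is blocked (fail closed).
function isBlockedIPv4(ip) {
  const parts = String(ip).split(".");
  const ok = parts.length === 4 &&
    parts.every((o) => /^\d{1,3}$/.test(o) && Number(o) <= 255);
  if (!ok) return true;
  const [a, b] = parts.map(Number);
  return a === 0 || a === 10 || a === 127 ||
    (a === 169 && b === 254) ||
    (a === 172 && b >= 16 && b <= 31) ||
    (a === 192 && b === 168);
}

// Pattern from the summary: validate one lookup, then let the connection
// perform its own lookup. `connected` is the address the socket would use.
async function checkThenConnect(host, resolve) {
  const checked = await resolve(host);
  if (isBlockedIPv4(checked)) throw new Error("blocked: " + checked);
  const connected = await resolve(host); // second, independent lookup
  return { checked, connected };
}

// Mitigation: resolve once, validate that answer, and connect to exactly that
// address, keeping the hostname only for the Host header / TLS server name.
async function resolveOnceAndPin(host, resolve) {
  const ip = await resolve(host);
  if (isBlockedIPv4(ip)) throw new Error("blocked: " + ip);
  return { checked: ip, connected: ip, hostHeader: host };
}
```

In a real client the pinned address has to be handed to the HTTP library so that it performs no lookup of its own, and redirects need the same validation on every hop.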
Vulnerability Details
EPSS: 0.0%
June 22, 2026
Original source: https://github.com/advisories/GHSA-gfq7-5x4g-3xhf
First tracked: June 22, 2026 at 08:01 PM