A vulnerability described as critical has been identified in budibase up to 3.38.x . The impacted element is an unknown function of the file /api/chat-links of the component Public Endpoint . Such manipulation leads to improper access controls. This vulnerability is traded as CVE-2026-50132 . The attack may be launched remotely. There is no exploit available. Upgrading the affected component is recommended.