A vulnerability labeled as problematic has been found in budibase up to 3.39.8 . Affected by this vulnerability is the function externalTrigger of the component Webhook Trigger Endpoint . Executing a manipulation can lead to dynamically-determined object attributes. This vulnerability is registered as CVE-2026-54351 . It is possible to launch the attack remotely. No exploit is available. The affected component should be upgraded.