Detections
Analytics

Supabase Studio Detected

high Web App Scanning Plugin ID 115228

Language:

Synopsis

Supabase Studio Detected

Description

A publicly accessible Supabase Studio instance has been detected. Supabase Studio is a web-based interface for managing Supabase projects, and its presence may indicate potential security risks if not properly secured. Attackers may target exposed Supabase Studio instances to gain unauthorized access to sensitive data or perform malicious activities.

Solution

Restrict access to Supabase Studio using a .htaccess file, limiting access to known IP Addresses.

See Also

https://github.com/supabase/supabase

https://supabase.com/

Plugin Details

Severity: High

ID: 115228

Type: Check Based

Published: 4/30/2026

Updated: 4/30/2026

Scan Template: basic, full, pci, scan

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

CVSS Score Source: Tenable

CVSS v3

Risk Factor: High

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS Score Source: Tenable

CVSS v4

Risk Factor: High

Base Score: 8.7

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

CVSS Score Source: Tenable

Vulnerability Information

CPE: cpe:2.3:a:supabase:supabase:*:*:*:*:*:*:*:*

Reference Information