
93 matches found

Patchstack
added 2026/05/21 8:39 p.m., 7 views

NPM: NocoDB: Stale Auth Cache After API Token Deletion

NPM: NocoDB: Stale Auth Cache After API Token Deletion vulnerability discovered by ? in WordPress Npm nocodb versions = 0.301.3...

5.8 AI score
Exploits: 0, References: 2, Affected Software: 1

Patchstack
added 2026/05/21 8:38 p.m., 5 views

NPM: NocoDB: Attachment Size Limit Bypass via Upload-by-URL

NPM: NocoDB: Attachment Size Limit Bypass via Upload-by-URL vulnerability discovered by ? in WordPress Npm nocodb versions = 0.301.3...

5.8 AI score
Exploits: 0, References: 2, Affected Software: 1

Patchstack
added 2026/05/21 8:35 p.m., 5 views

NPM: NocoDB: Shared-base link access can invite arbitrary users as persistent base members

NPM: NocoDB: Shared-base link access can invite arbitrary users as persistent base members vulnerability discovered by ? in WordPress Npm nocodb versions = 0.301.3...

5.9 AI score
Exploits: 0, References: 2, Affected Software: 1

Patchstack
added 2026/05/21 8:35 p.m., 5 views

NPM: NocoDB: Missing File Size Enforcement in Upload-by-URL Allows Denial of Service via Disk Exhaustion

NPM: NocoDB: Missing File Size Enforcement in Upload-by-URL Allows Denial of Service via Disk Exhaustion vulnerability discovered by ? in WordPress Npm nocodb versions = 0.301.3...

5.8 AI score
Exploits: 0, References: 2, Affected Software: 1

Patchstack
added 2026/05/21 8:35 p.m., 5 views

NPM: NocoDB: Refresh Token Cookie Set Without `secure` and `sameSite` Flags

NPM: NocoDB: Refresh Token Cookie Set Without secure and sameSite Flags vulnerability discovered by ? in WordPress Npm nocodb versions = 0.301.3...

5.8 AI score
Exploits: 0, References: 2, Affected Software: 1

Patchstack
added 2026/05/21 8:34 p.m., 5 views

NPM: NocoDB: SSRF Protection Bypass in Notification Webhook Plugins (Slack, Discord, Mattermost, Teams)

NPM: NocoDB: SSRF Protection Bypass in Notification Webhook Plugins Slack, Discord, Mattermost, Teams vulnerability discovered by ? in WordPress Npm nocodb versions = 0.301.3...

5.8 AI score
Exploits: 0, References: 2, Affected Software: 1

Patchstack
added 2026/05/21 8:34 p.m., 4 views

NPM: NocoDB: Reflected Cross-Site Scripting via Page Leaving Redirect URL

NPM: NocoDB: Reflected Cross-Site Scripting via Page Leaving Redirect URL vulnerability discovered by ? in WordPress Npm nocodb versions = 0.301.3...

5.8 AI score
Exploits: 0, References: 2, Affected Software: 1

CNVD
added 2026/03/10 12:0 a.m., 1 view

NocoDB Access Control Error Vulnerability

NocoDB is nocodb open source an Airtable alternative. Convert any MySql, PostgreSql, Sql Server, Sqlite and MariaDb to a smart spreadsheet. An access control error vulnerability exists in versions prior to NocoDB 0.301.3. The vulnerability stems from the password reset process not undoing an...

7.1 CVSS, 5.8 AI score, 0.00042 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2026/03/04 1:57 a.m., 2 views

CVE-2026-28360

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, shared view passwords were stored in plaintext in the database and compared using direct string equality. This issue has been patched in version 0.301.3...

6.9 CVSS, 5.8 AI score, 0.00044 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2026/03/04 1:57 a.m., 2 views

CVE-2026-28358

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, the password forgot endpoint returned different responses for registered and unregistered emails, allowing user enumeration. This issue has been patched in version 0.301.3...

6.9 CVSS, 5.8 AI score, 0.00599 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2026/03/04 1:56 a.m., 1 view

CVE-2026-28357

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, a stored XSS vulnerability exists in the Formula virtual cell. Formula results containing URI:: patterns are rendered via v-html without sanitization, allowing injected HTML to execute. This issue has been patche...

5.4 CVSS, 5.8 AI score, 0.00041 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2026/03/04 1:56 a.m., 2 views

CVE-2026-28399

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, an authenticated user with Creator role can inject arbitrary SQL via the DATEADD formula's unit parameter. This issue has been patched in version 0.301.3...

8.8 CVSS, 6 AI score, 0.00073 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2026/03/04 1:56 a.m., 4 views

CVE-2026-28359

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, an authenticated user with Editor role can inject arbitrary HTML into Rich Text cells by bypassing the TipTap editor and sending raw HTML via the API. This issue has been patched in version 0.301.3...

5.4 CVSS, 5.9 AI score, 0.00041 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2026/03/04 1:56 a.m., 2 views

CVE-2026-28361

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, the MCP token service did not validate token ownership, allowing a Creator within the same base to read, regenerate, or delete another user's MCP tokens if the token ID was known. This issue has been patched in...

7.1 CVSS, 5.8 AI score, 0.00053 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2026/03/04 1:56 a.m., 2 views

CVE-2026-28398

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, user-controlled content in comments and rich text cells was rendered via v-html without sanitization, enabling stored XSS. This issue has been patched in version 0.301.3...

5.4 CVSS, 5.8 AI score, 0.00041 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2026/03/04 1:56 a.m., 3 views

CVE-2026-28396

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, the password reset flow did not revoke existing refresh tokens, allowing an attacker with a previously stolen refresh token to continue minting valid JWTs after the victim resets their password. This issue has be...

7.1 CVSS, 5.8 AI score, 0.00042 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2026/03/04 1:56 a.m., 2 views

CVE-2026-28397

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, comments rendered via v-html without sanitization enable stored XSS. This issue has been patched in version 0.301.3...

5.4 CVSS, 5.8 AI score, 0.00014 EPSS
Exploits: 0, References: 1

Snyk
added 2026/03/02 7:53 p.m., 2 views

Insufficient Session Expiration

Overview nocodb is a NocoDB Affected versions of this package are vulnerable to Insufficient Session Expiration in the passwordReset function that fails to call UserRefreshToken.deleteAllUserToken to invalidate JWTs. An attacker can maintain unauthorized access by using a previously obtained...

7.1 CVSS, 6 AI score, 0.00042 EPSS
Exploits: 0, References: 2

Snyk
added 2026/03/02 7:52 p.m., 2 views

Credential Exposure

Overview nocodb is a NocoDB Affected versions of this package are vulnerable to Credential Exposure in the password column of the ncviews table in public-datas.service.ts, public-metas.service.ts and calendar-datas.service.ts, where passwords are stored in plaintext. An attacker can obtain...

6.9 CVSS, 6 AI score, 0.00044 EPSS
Exploits: 0, References: 2

Snyk
added 2026/03/02 7:42 p.m., 2 views

Information Exposure

Overview nocodb is a NocoDB Affected versions of this package are vulnerable to Information Exposure via the POST /api/v2/auth/password/forgot endpoint. An attacker can determine whether a specific email address is registered by submitting password reset requests and analyzing the differing...

6.9 CVSS, 6 AI score, 0.00599 EPSS
Exploits: 0, References: 2