CVE-2026-24769

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.0, a stored cross-site scripting XSS vulnerability exists in NocoDB’s attachment handling mechanism. Authenticated users can upload malicious SVG files containing embedded JavaScript, which are later rendered inline...