NPM: NocoDB: Attachment Size Limit Bypass via Upload-by-URL

NPM: NocoDB: Attachment Size Limit Bypass via Upload-by-URL vulnerability discovered by ? in WordPress Npm nocodb versions = 0.301.3...

GHSA-8RWR-F68V-CVW6 NocoDB: Attachment Size Limit Bypass via Upload-by-URL

Summary The upload-by-URL path did not enforce NCATTACHMENTFIELDSIZE against either the remote file's advertised Content-Length or the decoded length of a data: URI, allowing an authenticated user to bypass the configured per-file size limit. Details The attachments service now checks...

NPM: NocoDB: Missing File Size Enforcement in Upload-by-URL Allows Denial of Service via Disk Exhaustion

NPM: NocoDB: Missing File Size Enforcement in Upload-by-URL Allows Denial of Service via Disk Exhaustion vulnerability discovered by ? in WordPress Npm nocodb versions = 0.301.3...

NocoDB: Missing File Size Enforcement in Upload-by-URL Allows Denial of Service via Disk Exhaustion

Summary The uploadViaURL path in the v1/v2 attachment API did not enforce NCATTACHMENTFIELDSIZE against the remote content-length or against the response stream. An authenticated user Editor+ could direct the server to download arbitrarily large files, exhausting disk space and causing denial of...

GHSA-99VC-2JX2-688P NocoDB: Missing File Size Enforcement in Upload-by-URL Allows Denial of Service via Disk Exhaustion

Summary The uploadViaURL path in the v1/v2 attachment API did not enforce NCATTACHMENTFIELDSIZE against the remote content-length or against the response stream. An authenticated user Editor+ could direct the server to download arbitrarily large files, exhausting disk space and causing denial of...

PT-2026-42608

Summary The upload-by-URL path did not enforce NC ATTACHMENT FIELD SIZE against either the remote file's advertised Content-Length or the decoded length of a data: URI, allowing an authenticated user to bypass the configured per-file size limit. Details The attachments service now checks NC...

PT-2026-42679

Name of the Vulnerable Software and Affected Versions NocoDB affected versions not specified Description An issue exists where the upload-by-URL path fails to enforce the NC ATTACHMENT FIELD SIZE limit against the remote file's advertised Content-Length or the decoded length of a data: URI. This...

PT-2026-42677

Name of the Vulnerable Software and Affected Versions NocoDB affected versions not specified Description The uploadViaURL path in the v1/v2 attachment API fails to enforce the NC ATTACHMENT FIELD SIZE limit against the remote content-length or the response stream. An authenticated user with Edito...

PT-2026-42609

Summary The uploadViaURL path in the v1/v2 attachment API did not enforce NC ATTACHMENT FIELD SIZE against the remote content-length or against the response stream. An authenticated user Editor+ could direct the server to download arbitrarily large files, exhausting disk space and causing denial ...

EUVD-2026-19886

WWBN AVideo has an Allowlisted downloadURL media extensions bypass SSRF protection and enable internal response exfiltration Incomplete fix for CVE-2026-27732...

CVE-2026-39370

WWBN AVideo is an open source video platform. In versions 26.0 and prior, objects/aVideoEncoder.json.php still allows attacker-controlled downloadURL values with common media or archive extensions such as .mp4, .mp3, .zip, .jpg, .png, .gif, and .webm to bypass SSRF validation. The server then...

Server-side Request Forgery (SSRF)

Overview nocodb is a NocoDB Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the uploadViaURL function in the attachments.service.ts file. An attacker can trigger outbound requests to arbitrary URLs by supplying crafted input to the process before validatio...

CVE-2025-60319

PerfreeBlog v4.0.11 is vulnerable to Server-Side Request Forgery due to a missing authorization check in the uploadAttachByUrl API endpoint AttachController.java...