CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2 matches found

ATTACKERKB•added 2026/01/28 8:36 p.m.•3 views

CVE-2026-24769

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.0, a stored cross-site scripting XSS vulnerability exists in NocoDB’s attachment handling mechanism. Authenticated users can upload malicious SVG files containing embedded JavaScript, which are later rendered inline...

9.4CVSS5.8AI score0.00025EPSS

Exploits1References2Affected Software1

EUVD•added 2026/01/28 8:29 p.m.•4 views

EUVD-2026-4871

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.0, a blind Server-Side Request Forgery SSRF vulnerability exists in the uploadViaURL functionality due to an unprotected HEAD request. While the subsequent file retrieval logic correctly enforces SSRF protections, t...

4.9CVSS5.9AI score0.00015EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by