2 matches found
CVE-2026-46552
NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, shared-base sessions were granted the same base-member capabilities as authenticated viewers. Using only the shared-base UUID xc-shared-base-id, an attacker could enumerate base members and invite an arbitrary email in...
CVE-2026-46552
Summary: CVE-2026-46552 affects NocoDB. Before 2026.04.1, shared-base sessions had base-member capabilities equivalent to authenticated viewers, enabling an attacker with only a shared-base UUID (xc-shared-base-id) to enumerate base members and invite arbitrary emails as real members. Invited use...