Lucene search
K

4 matches found

NVD
NVD
added 2026/06/23 9:16 p.m.11 views

CVE-2026-46552

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, shared-base sessions were granted the same base-member capabilities as authenticated viewers. Using only the shared-base UUID xc-shared-base-id, an attacker could enumerate base members and invite an arbitrary email in...

5.8CVSS0.00296EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/23 8:38 p.m.6 views

CVE-2026-46552

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, shared-base sessions were granted the same base-member capabilities as authenticated viewers. Using only the shared-base UUID xc-shared-base-id, an attacker could enumerate base members and invite an arbitrary email in...

5.8CVSS6AI score0.00296EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/23 8:38 p.m.5 views

CVE-2026-46552 NocoDB: Shared-base link access can invite arbitrary users as persistent base members

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, shared-base sessions were granted the same base-member capabilities as authenticated viewers. Using only the shared-base UUID xc-shared-base-id, an attacker could enumerate base members and invite an arbitrary email in...

5.8CVSS6.1AI score0.00296EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.15 views

PT-2026-42678

Name of the Vulnerable Software and Affected Versions NocoDB affected versions not specified Description An authorization bypass occurs because shared-base sessions are granted the same capabilities as authenticated viewers. By using the shared-base UUID xc-shared-base-id, an attacker can enumera...

5.8CVSS5.9AI score0.00296EPSS
Exploits0References9
Rows per page
Query Builder