EUVD-2026-12387

NocoDB has Blind SSRF via Unvalidated HEAD Request in uploadViaURL Functionality...

CVE-2026-24767

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.0, a blind Server-Side Request Forgery SSRF vulnerability exists in the uploadViaURL functionality due to an unprotected HEAD request. While the subsequent file retrieval logic correctly enforces SSRF protections, t...