CVE-2026-33221
CVE-2026-33221 affects the Nhost storage upload component. Before v0.12.0, the storage service trusts the client-provided Content-Type header and does not perform server-side MIME type detection, enabling an attacker to upload files with arbitrary MIME types and bypass MIME-type-based bucket rest...