CVE Tools

nocodb

Cloud & SaaSoss-project

15

Cumulative CVEs

2

Monthly snapshots

#122

Peak rank

Top products

Latest CVEs

The 15 most recently published vulnerabilities affecting nocodb.

CVE-2026-28401NocoDB: Stored Cross-Site Scripting via Rich Text Cells5.4Mar 2, 2026
CVE-2026-28399NocoDB: SQL Injection via DATEADD Formula8.8Mar 2, 2026
CVE-2026-28398NocoDB: Stored Cross-Site Scripting via Comments and Rich Text Cells5.4Mar 2, 2026
CVE-2026-28397NocoDB: Stored Cross-Site Scripting via Comments5.4Mar 2, 2026
CVE-2026-28396NocoDB: Refresh Tokens Not Revoked on Password Reset6.5Mar 2, 2026
CVE-2026-28361NocoDB: Missing Ownership Validation in MCP Token Operations6.3Mar 2, 2026
CVE-2026-28360NocoDB: Plaintext Storage of Shared View Passwords5.3Mar 2, 2026
CVE-2026-28359NocoDB: Stored Cross-Site Scripting via Rich Text Field5.4Mar 2, 2026
CVE-2026-28358NocoDB: User Enumeration via Password Reset Endpoint5.3Mar 2, 2026
CVE-2026-28357NocoDB: Stored Cross-Site Scripting via Formula Cell5.4Mar 2, 2026
CVE-2026-24769NocoDB Vulnerable to Stored Cross-Site Scripting via SVG upload9.0Jan 28, 2026
CVE-2026-24768NocoDB has Unvalidated Redirect in Login Flow via continueAfterSignIn Parameter6.1Jan 28, 2026
CVE-2026-24767NocoDB has Blind SSRF via Unvalidated HEAD Request in uploadViaURL Functionality4.9Jan 28, 2026
CVE-2026-24766NocoDB Vulnerable to Prototype Pollution in Connection Test Endpoint, Leading to DoS4.9Jan 28, 2026
CVE-2025-27506NocoDB Vulnerable to Reflected Cross-Site Scripting on Reset Password Page5.4Mar 6, 2025