VIR Vulnerability Intelligence Relay

Package impact

npm npm / nocodb

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-46552 medium 5.5 7d ago NocoDB: Shared-base link access can invite arbitrary users as persistent base members npm
CVE-2026-46551 medium 5.5 7d ago NocoDB: Missing File Size Enforcement in Upload-by-URL Allows Denial of Service via Disk Exhaustion npm
CVE-2026-46550 medium 5.5 7d ago NocoDB: Refresh Token Cookie Set Without `secure` and `sameSite` Flags npm
CVE-2026-46548 medium 5.5 7d ago NocoDB: SSRF Protection Bypass in Notification Webhook Plugins (Slack, Discord, Mattermost, Teams) npm
CVE-2026-46547 medium 5.5 7d ago NocoDB: Reflected Cross-Site Scripting via Page Leaving Redirect URL npm
CVE-2026-46554 low 2.5 7d ago NocoDB: Stale Auth Cache After API Token Deletion npm
CVE-2026-46553 low 2.5 7d ago NocoDB: Attachment Size Limit Bypass via Upload-by-URL npm
CVE-2026-46549 low 2.5 7d ago NocoDB: OAuth Token Scope Not Enforced at ACL Layer Allows Scope Escalation npm