CVE-2026-28360

Low CVSS: 2.7

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, shared view passwords were stored in plaintext in the database and compared using direct string equality. This issue has been patched in version 0.301.3.

Vendor

Nocodb

Product

Nocodb

CWE

CWE-256

Yayın Tarihi

2026-03-02 17:16:34

Güncelleme

2026-03-03 18:58:09

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-256 Nocodb LOW Nocodb 2026

Referanslar

https://github.com/nocodb/nocodb/releases/tag/0.301.3 https://github.com/nocodb/nocodb/security/advisories/GHSA-mpp2-x7wv-38hv

Benzer Kayıtlar

Medium

CVE-2026-28399

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, an authenticated user with Creator…

Medium

CVE-2026-28401

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, rich text cell content rendered via…

Medium

CVE-2026-28359

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, an authenticated user with Editor r…

Medium

CVE-2026-28361

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, the MCP token service did not valid…

Medium

CVE-2026-28396

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, the password reset flow did not rev…

Medium

CVE-2026-28397

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, comments rendered via v-html withou…