Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

286 New today
64,930 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

245
Jun 11
336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
292
Jun 23
Jun 24
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6 CVE-2026-47375

NocoDB: Postgres SQL Injection in Formula `ARRAYSORT`_CVE-2026-47375

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, an authenticated user with columnAdd permission on a Postgres-backed...

nocodb nocodb < 2026.04.1 CVE
MEDIUM 6.9 CVE-2026-47279

NocoDB: Hidden LTAR Column Exposure in Public Shared-View Relation Endpoints_CVE-2026-47279

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the public shared-view relation endpoints accepted a caller-supplied...

nocodb nocodb < 2026.05.1 CVE
LOW 2.3 CVE-2026-46554

NocoDB: Stale Auth Cache After API Token Deletion_CVE-2026-46554

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.4, deleted API tokens continued to authenticate requests until their ca...

nocodb nocodb < 2026.04.4 CVE
LOW 2.1 CVE-2026-46553

NocoDB: Attachment Size Limit Bypass via Upload-by-URL_CVE-2026-46553

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the upload-by-URL path did not enforce NC_ATTACHMENT_FIELD_SIZE agai...

nocodb nocodb < 2026.04.1 CVE
MEDIUM 5.8 CVE-2026-46552

NocoDB: Shared-base link access can invite arbitrary users as persistent base members_CVE-2026-46552

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, shared-base sessions were granted the same base-member capabilities ...

nocodb nocodb < 2026.04.1 CVE
MEDIUM 6.5 CVE-2026-46551

NocoDB: Missing File Size Enforcement in Upload-by-URL Allows Denial of Service via Disk Exhaustion_CVE-2026-46551

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.4, the uploadViaURL path in the v1/v2 attachment API did not enforce NC...

nocodb nocodb < 2026.04.4 CVE
MEDIUM 5.4 CVE-2026-46550

NocoDB: Refresh Token Cookie Set Without `Secure` and `SameSite` Flags_CVE-2026-46550

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the refresh-token cookie was set with httpOnly: true but missing bot...

nocodb nocodb < 2026.04.1 CVE
LOW 2 CVE-2026-46549

NocoDB: OAuth Token Scope Not Enforced at ACL Layer Allows Scope Escalation_CVE-2026-46549

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the OAuth token strategy attached oauth_scope and oauth_granted_reso...

nocodb nocodb < 2026.04.1 CVE
MEDIUM 4.3 CVE-2026-46548

NocoDB: SSRF Protection Bypass in Notification Webhook Plugins (Slack, Discord, Mattermost, Teams)_CVE-2026-46548

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the request-filtering-agent SSRF protection was non-functional in th...

nocodb nocodb < 2026.04.1 CVE