CVE-2026-47381
NocoDB: Cross-Workspace Integration Use in Connection Test
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, a user in one workspace could exercise another workspace's integration through the testConnection endpoint by supplying its ID, because the integration was fetched in a bypass scope and the caller's permission check matched any base in any workspace. This vulnerability is fixed in 2026.05.1.
| CWE | CWE-290 |
| Vendor | nocodb |
| Product | nocodb |
| Published | Jun 23, 2026 |
Stay Ahead of the Next One
Get instant alerts for nocodb nocodb
Be the first to know when new unknown vulnerabilities affecting nocodb nocodb are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
nocodb / nocodb
< 2026.05.1