CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
NocoDB prior to version 2026.04.1 had a vulnerability that allowed exposure of values from hidden columns in public shared-view endpoints. Users could access these values through various paths, such as groupBy, filter, and sort.
NocoDB prior to version 2026.04.1 had a vulnerability in the hashRedirect plugin that allowed redirecting users to malicious sites. The redirection occurred after checking if the path starts with '/', which allowed the use of protocol-relative URLs.
NocoDB prior to version 2026.04.1 had a vulnerability in the password-reset page that rendered the URL token directly into JavaScript string literals. A crafted token could break out of the JS string context and execute attacker-controlled script.
NocoDB prior to version 2026.04.1 allows an authenticated user with columnAdd permission to inject arbitrary SQL into the formula engine via the direction argument of ARRAYSORT(...). The value is unrestricted by formula validation and embedded into a knex.raw ORDER BY clause, executing during column creation and on every subsequent record read of the formula column.
NocoDB prior to version 2026.05.1 had a vulnerability that allowed access to hidden columns in shared views. Public relation endpoints accepted a caller-supplied column ID without verifying if the column was visible in the shared view.
NocoDB prior to version 2026.04.1 had a vulnerability that allowed attackers to access database members through the shared-base session UUID. Attackers could invite arbitrary email addresses as real members of the base, leading to unauthorized access.
NocoDB prior to version 2026.04.4 had a vulnerability in the attachment API that allowed authenticated users to download arbitrarily large files, leading to disk space exhaustion and denial of service.
NocoDB prior to version 2026.04.1 had a security vulnerability related to the refresh-token cookie, which was set with httpOnly: true but lacked both the secure flag and the sameSite attribute. This allowed the cookie to be intercepted on the network and enabled CSRF attacks against the token-refresh endpoint.
NocoDB prior to version 2026.04.1 had non-functional SSRF protection in four notification webhook plugins (Slack, Discord, Mattermost, Teams). An authenticated user with hook-creation permission could direct outbound POST requests to arbitrary internal hosts.
NocoDB prior to version 2026.04.1 had a reflected XSS vulnerability in the Page Leaving Warning page. The ncRedirectUrl and ncBackUrl query parameters were used in window.location.href and <a> tag bindings without validation, allowing javascript: URI injection.
In the GStreamer library (gst-plugins-bad), processing a crafted H.264 video file with malformed MVC or SVC extension slice NAL units triggers a one-byte heap out-of-bounds read. The flaw occurs when the parser checks slice boundary information without verifying that the NAL unit contains enough data beyond the extension header.
A flaw was found in the GStreamer gst-plugins-bad package where processing a malformed H.266/VVC video stream with a crafted aspect ratio indicator causes an out-of-bounds read of up to 8 bytes from adjacent memory. An attacker can exploit this by providing a malicious video file or stream, leading to memory content leakage through video metadata.
A flaw in the community.general Ansible collection's nexmo module sends API credentials (api_key and api_secret) as URL query parameters via GET requests. This exposes credentials in web server logs, proxy logs, HTTP Referer headers, and network monitoring tools, despite the Ansible argument specification marking these parameters as no_log.
The Ansible keyring_info module leaks SSH key passphrases and other secrets in plaintext to Ansible logs, AWX/Tower, and fact cache backends. Despite the input parameter being marked no_log=True, the module output is unprotected, allowing any user with log access to read the passphrase.
FOSSBilling, a billing and client management system, has an IDOR vulnerability in versions 0.6.21 through 0.7.2, allowing authenticated clients to create support tickets referencing other clients' orders. The ticketCreateForClient() method did not verify order ownership, enabling manipulation of rel_id.
Pi is a minimal terminal coding harness. In versions before 0.79.0, Pi loaded project-local resources and configurations from a repository's .pi directory without asking the user to trust that repository, potentially allowing malicious code execution.
In RTK (Rust Token Killer) prior to version 0.32.0, a vulnerability was found due to improper trust of project-local configuration files. The tool automatically loads .rtk/filters.toml from the working directory with highest priority and without user notification. An attacker can place a malicious filter file in a repository to selectively suppress or alter command output (including file contents, diffs, and security scan results) without detection, potentially concealing malicious code during AI-assisted development or review.
A vulnerability in the Ash library allows an attacker to set the value of a private action argument that should only be controlled by trusted server-side code. The filtering of private arguments is incomplete – in the changeset path only atom keys are stripped, and in the atomic path they are not stripped at all.
The @rtk-ai/rtk-rewrite plugin version 1.0.0 fails to sanitize user input before passing it to a shell-backed execSync() template string, allowing arbitrary OS command injection. JSON.stringify() does not protect against shell metacharacters like $() and backticks, which are executed by /bin/sh -c.
In versions prior to 0.186, Daytona's sandbox volume reference (volumeId) was forwarded to the runner, potentially allowing unauthorized access to paths outside the intended base directory. The use of path-traversal sequences could enable the construction of the host bind-mount source path without proper confinement.

