Description
NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, the MCP token service did not validate token ownership, allowing a Creator within the same base to read, regenerate, or delete another user's MCP tokens if the token ID was known. This issue has been patched in version 0.301.3.
Published: 2026-03-02
Score: 4.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized MCP token access
Action: Apply patch
AI Analysis

Impact

The vulnerability exists in NocoDB’s MCP token service, where token ownership validation is missing. A user with the Creator role in a base can read, regenerate, or delete any other user’s MCP token if the token ID is known. This flaw allows an attacker to manipulate tokens that they do not own, potentially changing authentication credentials or revoking access for other users. The weakness is mapped to CWE-639, which represents lack of ownership checks on resource operations.

Affected Systems

NocoDB version 0.301.2 and earlier. The issue persists until version 0.301.3, which includes the ownership validation fix. The affected product is NocoDB, a web‑based spreadsheet‑to‑database platform.

Risk and Exploitability

The CVSS rating of 4.9 indicates low severity, and the EPSS score is reported as below 1 % so the probability of exploitation is very low. The flaw is not listed in the CISA KEV catalog. The attack vector likely requires the attacker to identify a valid token ID, which may be obtained through in‑application enumeration or social engineering. The Creator role must already be present in the target base, so lateral movement or privilege escalation outside that base is not possible from this weakness alone.

Generated by OpenCVE AI on April 16, 2026 at 14:30 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade NocoDB to version 0.301.3 or later to apply the ownership validation fix.
  • If upgrading is not immediately possible, restrict Creator roles or remove them from sensitive bases to limit the scope of potentially affected users.
  • Block MCP token endpoints at the network level until the patch is applied to prevent unauthorized token operations.

Generated by OpenCVE AI on April 16, 2026 at 14:30 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-p9x3-w98f-7j3q NocoDB Missing Ownership Validation in MCP Token Operations
History

Tue, 03 Mar 2026 19:30:00 +0000

Type Values Removed Values Added
First Time appeared Nocodb
Nocodb nocodb
CPEs cpe:2.3:a:nocodb:nocodb:*:*:*:*:*:*:*:*
Vendors & Products Nocodb
Nocodb nocodb
Metrics cvssV3_1

{'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L'}

Tue, 03 Mar 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 02 Mar 2026 16:45:00 +0000

Type Values Removed Values Added
Description NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, the MCP token service did not validate token ownership, allowing a Creator within the same base to read, regenerate, or delete another user's MCP tokens if the token ID was known. This issue has been patched in version 0.301.3.
Title NocoDB: Missing Ownership Validation in MCP Token Operations
Weaknesses CWE-639
References
Metrics cvssV4_0

{'score': 4.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U'}

Subscriptions

Nocodb Nocodb
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-03T15:58:02.841Z

Reserved: 2026-02-26T18:38:13.891Z

Link: CVE-2026-28361

cve-icon Vulnrichment

Updated: 2026-03-03T15:57:53.816Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-02T17:16:34.467

Modified: 2026-03-03T19:00:44.510

Link: CVE-2026-28361

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-16T14:45:25Z

Weaknesses