Impact
Prior to 2026.05.1, a user in one workspace could exercise another workspace's integration through the testConnection endpoint by supplying its ID, because the integration was fetched in a bypass scope and the caller's permission check matched any base in any workspace. This allows the caller to use that integration even though it would normally belong to a different workspace. The vulnerability is an instance of improper authorization, classified as CWE‑290. It is fixed in 2026.05.1.
Affected Systems
The issue affects the Noco vendor nocodb:nocodb. Versions earlier than 2026.05.1 are vulnerable; the fix was released in the 2026.05.1 update. No other vendors or product variants are listed as affected.
Risk and Exploitability
The CVSS score of 6.9 indicates moderate severity, and the vulnerability is not listed in the CISA KEV catalog. The EPSS score is not available. The flaw can be exploited by any authenticated user who has access to a workspace; such a user can call the testConnection API endpoint with the ID of an integration from another workspace. The attack path requires only internal authentication and the ability to specify an integration ID. The impact is confined to the use of integration functionality that belongs to another workspace.
OpenCVE Enrichment
Github GHSA