Description
NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, a low-privilege MCP token holder with knowledge of an attachment path could read any file in shared storage, including attachments belonging to other bases and workspaces, because the MCP readAttachment tool did not verify the file's ownership. This vulnerability is fixed in 2026.05.1.
Published: 2026-06-23
Score: 2.3 Low
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Before version 2026.05.1, NocoDB’s MCP readAttachment tool did not enforce ownership checks, allowing a low‑privilege MCP token holder who knows the storage path of an attachment to read any file in shared storage, including attachments belonging to other bases and workspaces. This authorization flaw (CWE‑639) permits disclosure of files from other bases and workspaces, potentially exposing sensitive documents and configuration information. The vulnerability is fixed in 2026.05.1.
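To make the flaw concrete, here is an added illustration (not NocoDB's code; all names, paths and the ownership index are hypothetical) of a path-keyed attachment read in its unchecked form beside a hardened form that confines the path to the storage root and requires the attachment to belong to the token's workspace and base:

```typescript
// Added illustration only; this is not NocoDB's code and the names are hypothetical.
// It models the flaw described above: a read tool that takes a caller-supplied
// storage path and, in the unchecked form, never asks whether the attachment
// belongs to the caller's workspace and base (CWE-639).
import { resolve, relative, isAbsolute, sep } from "node:path";

interface McpToken { workspaceId: string; baseId: string; }
interface AttachmentRecord { storagePath: string; workspaceId: string; baseId: string; }

// Hypothetical storage root and a constructed ownership index of shared storage.
const STORAGE_ROOT = "/srv/shared-storage";
const ATTACHMENTS: AttachmentRecord[] = [
  { storagePath: "ws1/base1/invoice.pdf", workspaceId: "ws1", baseId: "base1" },
  { storagePath: "ws2/base7/payroll.xlsx", workspaceId: "ws2", baseId: "base7" },
];

// Before: any token holder who knows a path gets the file, whichever base owns it.
function resolveAttachmentUnchecked(requested: string): string {
  return resolve(STORAGE_ROOT, requested);
}

// After: confine the path to the storage root, then require that the attachment
// exists in the ownership index and belongs to the token's workspace and base.
// Returns null on every failure so the caller can answer "not found" uniformly
// instead of revealing whether a path exists in another base.
function resolveAttachmentChecked(token: McpToken, requested: string): string | null {
  const absolute = resolve(STORAGE_ROOT, requested);
  const rel = relative(STORAGE_ROOT, absolute);
  if (rel === "" || rel.startsWith("..") || isAbsolute(rel)) return null; // escapes root
  const key = rel.split(sep).join("/");
  const record = ATTACHMENTS.find((a) => a.storagePath === key);
  if (!record) return null; // unknown path: not in the ownership index
  if (record.workspaceId !== token.workspaceId || record.baseId !== token.baseId) {
    return null; // known path, but owned by another workspace/base
  }
  return absolute;
}
```

The ownership lookup is the check the advisory says was missing; the root confinement is an additional guard against traversal that a path-keyed API should carry regardless.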

Affected Systems

The issue affects all NocoDB installations running any version before 2026.05.1.

Risk and Exploitability

The CVSS score of 2.3 indicates low severity, and the EPSS score is not available. The vulnerability is not listed in CISA's KEV catalog. Exploitation requires possession of a low-privilege MCP token and prior knowledge of the attachment path, so the likely scenarios are an insider or use of a compromised token. Given the low score, the risk is comparatively modest, but patching is still warranted because data disclosure is possible.

Generated by OpenCVE AI on June 24, 2026 at 10:04 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade NocoDB to version 2026.05.1 or newer to eliminate the missing ownership check.
  • Revoke and regenerate any unused or potentially compromised MCP tokens to reduce the attack surface.
  • Apply restrictive filesystem permissions and add server-side validation so that only authorized users can access attachment locations.

Advisories
Source        ID                     Title
GitHub GHSA   GHSA-xxpj-q764-9r6q    NocoDB: Missing Ownership Check in MCP Attachment Read
History

Wed, 24 Jun 2026 00:00:00 +0000

Type                 Values Removed   Values Added
First Time appeared  -                Nocodb; Nocodb nocodb
Vendors & Products   -                Nocodb; Nocodb nocodb

Tue, 23 Jun 2026 20:30:00 +0000

Type          Values Removed   Values Added
Description   -                NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, a low-privilege MCP token holder with knowledge of an attachment path could read any file in shared storage, including attachments belonging to other bases and workspaces, because the MCP readAttachment tool did not verify the file's ownership. This vulnerability is fixed in 2026.05.1.
Title         -                NocoDB: Missing Ownership Check in MCP Attachment Read
Weaknesses    -                CWE-639
References    -                -
Metrics       -                cvssV4_0 {'score': 2.3, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-06-23T20:09:30.471Z

Reserved: 2026-05-19T19:22:45.729Z

Link: CVE-2026-47388

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-24T10:15:05Z

Weaknesses
  • CWE-639: Authorization Bypass Through User-Controlled Key