CVE-2026-24766 – NocoDB Vulnerable to Prototype Pollution in Connection Test Endpoint, Leading to DoS

CVE ID : CVE-2026-24766

Published : Jan. 28, 2026, 8:27 p.m. | 40 minutes ago

Description : NocoDB is software for building databases as spreadsheets. Prior to version 0.301.0, an authenticated user with org-level-creator permissions can exploit prototype pollution in the `/api/v2/meta/connection/test` endpoint, causing all database write operations to fail application-wide until server restart. While the pollution technically bypasses SUPER_ADMIN authorization checks, no practical privileged actions can be performed because database operations fail immediately after pollution. Version 0.301.0 patches the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2026-24766 – NocoDB Vulnerable to Prototype Pollution in Connection Test Endpoint, Leading to DoS

تکمیل ظرفیت سرور لهستان

سرور مناسب برای ترید و ارز دیجیتال

دیتاسنتر جدید در لهستان

سرور های جدید از اسپانیا

AMD EPYC & Ryzen از کشور انگلستان

آفر های جدید AMD EPYC و AMD Ryzen

آفر سرور اختصاصی از آمریکا

افزایش قیمت دامنه های ir از ۳۱ خرداد

افزایش قیمت جهانی دامنه .com

آفر های جدید سرور اختصاصی مرداد 1403

CVE-2025-71002 – OneFlow Floating-Point Exception Denial of Service

سرور های جدید از روسیه-وارز

تخفیف ویژه دامنه .ASIA

ثبت دامنه .IO

انتقال رایگان پسوند دامنه PW

Kerio Control 9.2.4 Build 2223

نوشته های مشابه

CVE-2026-24835 – Podman Desktop Extension System Vulnerable to Authentication Bypass

CVE-2026-24769 – NocoDB Vulnerable to Stored Cross-Site Scripting via SVG upload

CVE-2026-1533 – code-projects Online Music Site AdminAddCategory.php sql injection

CVE-2026-1532 – D-Link DCS-700L Music File Upload Service setUploadMusic uploadmusic path traversal