SSRF in Nocodb
CVE-2026-53931
NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the spreadsheet-import endpoint axiosRequestMake could be used as a generic HTTP proxy. Before the fix it was reachable unauthenticated, and its URL-extension a…
Affected products
- Nocodb — versions < 2026.05.1
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)