{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-28361", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-02-26T18:38:13.891Z", "datePublished": "2026-03-02T16:17:50.678Z", "dateUpdated": "2026-03-03T15:58:02.841Z"}, "containers": {"cna": {"title": "NocoDB: Missing Ownership Validation in MCP Token Operations", "problemTypes": [{"descriptions": [{"cweId": "CWE-639", "lang": "en", "description": "CWE-639: Authorization Bypass Through User-Controlled Key", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U", "version": "4.0"}}], "references": [{"name": "https://github.com/nocodb/nocodb/security/advisories/GHSA-p9x3-w98f-7j3q", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/nocodb/nocodb/security/advisories/GHSA-p9x3-w98f-7j3q"}, {"name": "https://github.com/nocodb/nocodb/releases/tag/0.301.3", "tags": ["x_refsource_MISC"], "url": "https://github.com/nocodb/nocodb/releases/tag/0.301.3"}], "affected": [{"vendor": "nocodb", "product": "nocodb", "versions": [{"version": "< 0.301.3", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-02T16:17:50.678Z"}, "descriptions": [{"lang": "en", "value": "NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, the MCP token service did not validate token ownership, allowing a Creator within the same base to read, regenerate, or delete another user's MCP tokens if the token ID was known. This issue has been patched in version 0.301.3."}], "source": {"advisory": "GHSA-p9x3-w98f-7j3q", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-03T15:57:48.300368Z", "id": "CVE-2026-28361", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-03T15:58:02.841Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-28361", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-03T15:57:48.300368Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-03T15:57:53.816Z"}}], "cna": {"title": "NocoDB: Missing Ownership Validation in MCP Token Operations", "source": {"advisory": "GHSA-p9x3-w98f-7j3q", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE"}}], "affected": [{"vendor": "nocodb", "product": "nocodb", "versions": [{"status": "affected", "version": "< 0.301.3"}]}], "references": [{"url": "https://github.com/nocodb/nocodb/security/advisories/GHSA-p9x3-w98f-7j3q", "name": "https://github.com/nocodb/nocodb/security/advisories/GHSA-p9x3-w98f-7j3q", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/nocodb/nocodb/releases/tag/0.301.3", "name": "https://github.com/nocodb/nocodb/releases/tag/0.301.3", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, the MCP token service did not validate token ownership, allowing a Creator within the same base to read, regenerate, or delete another user's MCP tokens if the token ID was known. This issue has been patched in version 0.301.3."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-639", "description": "CWE-639: Authorization Bypass Through User-Controlled Key"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-02T16:17:50.678Z"}}}, "cveMetadata": {"cveId": "CVE-2026-28361", "state": "PUBLISHED", "dateUpdated": "2026-03-03T15:58:02.841Z", "dateReserved": "2026-02-26T18:38:13.891Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-02T16:17:50.678Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nocodb:nocodb:*:*:*:*:*:*:*:*", "matchCriteriaId": "4AE4D8D2-EBCC-4E55-8FC1-3353EAB8B008", "versionEndExcluding": "0.301.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, the MCP token service did not validate token ownership, allowing a Creator within the same base to read, regenerate, or delete another user's MCP tokens if the token ID was known. This issue has been patched in version 0.301.3."}], "id": "CVE-2026-28361", "lastModified": "2026-03-03T19:00:44.510", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "UNREPORTED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-02T17:16:34.467", "references": [{"source": "security-advisories@github.com", "tags": ["Product", "Release Notes"], "url": "https://github.com/nocodb/nocodb/releases/tag/0.301.3"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/nocodb/nocodb/security/advisories/GHSA-p9x3-w98f-7j3q"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-639"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,0.301.3)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "nocodb", "source": "cna", "vendor": "nocodb"}, "product": "nocodb", "vendor": "nocodb"}], "analysis": {"en": {"generated_at": "2026-04-16T14:30:28.938204+00:00", "value": {"mitigation_remediation": ["Upgrade NocoDB to version 0.301.3 or later to apply the ownership validation fix.", "If upgrading is not immediately possible, restrict Creator roles or remove them from sensitive bases to limit the scope of potentially affected users.", "Block MCP token endpoints at the network level until the patch is applied to prevent unauthorized token operations."], "summary": {"action": "Apply patch", "impact": "Unauthorized MCP token access"}, "threat_synthesis": {"affected_systems": "NocoDB version 0.301.2 and earlier. The issue persists until version 0.301.3, which includes the ownership validation fix. The affected product is NocoDB, a web\u2011based spreadsheet\u2011to\u2011database platform.", "description_and_impact": "The vulnerability exists in NocoDB\u2019s MCP token service, where token ownership validation is missing. A user with the Creator role in a base can read, regenerate, or delete any other user\u2019s MCP token if the token ID is known. This flaw allows an attacker to manipulate tokens that they do not own, potentially changing authentication credentials or revoking access for other users. The weakness is mapped to CWE-639, which represents lack of ownership checks on resource operations.", "risk_and_exploitability": "The CVSS rating of 4.9 indicates low severity, and the EPSS score is reported as below 1\u202f% so the probability of exploitation is very low. The flaw is not listed in the CISA KEV catalog. The attack vector likely requires the attacker to identify a valid token ID, which may be obtained through in\u2011application enumeration or social engineering. The Creator role must already be present in the target base, so lateral movement or privilege escalation outside that base is not possible from this weakness alone."}}}}, "created": "2026-03-03T08:42:47.683401+00:00", "updated": "2026-04-16T14:45:25.925010+00:00", "vendors": ["nocodb", "nocodb$PRODUCT$nocodb"]}