{
  "resultsPerPage": 1,
  "startIndex": 0,
  "totalResults": 1,
  "format": "NVD_CVE",
  "version": "2.0",
  "timestamp": "2026-04-18T17:09:09.462",
  "vulnerabilities": [
    {
      "cve": {
        "id": "CVE-2026-24768",
        "sourceIdentifier": "security-advisories@github.com",
        "published": "2026-01-28T21:16:12.430",
        "lastModified": "2026-02-04T20:04:07.483",
        "vulnStatus": "Analyzed",
        "cveTags": [],
        "descriptions": [
          {
            "lang": "en",
            "value": "NocoDB is software for building databases as spreadsheets. Prior to version 0.301.0, an unvalidated redirect (open redirect) vulnerability exists in NocoDB's login flow due to missing validation of the `continueAfterSignIn` parameter. During authentication, NocoDB processes a user-controlled redirect value and conditionally performs client-side navigation without enforcing any restrictions on the destination's origin, domain or protocol. This allows attackers to redirect authenticated users to arbitrary external websites after login. This vulnerability enables phishing attacks by leveraging user trust in the legitimate NocoDB login flow. While it does not directly expose credentials or bypass authentication, it increases the likelihood of credential theft through social engineering. The issue does not allow arbitrary code execution or privilege escalation, but it undermines authentication integrity. Version 0.301.0 fixes the issue."
          }
        ],
        "metrics": {
          "cvssMetricV40": [
            {
              "source": "security-advisories@github.com",
              "type": "Secondary",
              "cvssData": {
                "version": "4.0",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "attackVector": "NETWORK",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "privilegesRequired": "LOW",
                "userInteraction": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "HIGH",
                "vulnAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "subAvailabilityImpact": "NONE",
                "exploitMaturity": "PROOF_OF_CONCEPT",
                "confidentialityRequirement": "NOT_DEFINED",
                "integrityRequirement": "NOT_DEFINED",
                "availabilityRequirement": "NOT_DEFINED",
                "modifiedAttackVector": "NOT_DEFINED",
                "modifiedAttackComplexity": "NOT_DEFINED",
                "modifiedAttackRequirements": "NOT_DEFINED",
                "modifiedPrivilegesRequired": "NOT_DEFINED",
                "modifiedUserInteraction": "NOT_DEFINED",
                "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
                "modifiedVulnIntegrityImpact": "NOT_DEFINED",
                "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
                "modifiedSubConfidentialityImpact": "NOT_DEFINED",
                "modifiedSubIntegrityImpact": "NOT_DEFINED",
                "modifiedSubAvailabilityImpact": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "valueDensity": "NOT_DEFINED",
                "vulnerabilityResponseEffort": "NOT_DEFINED",
                "providerUrgency": "NOT_DEFINED"
              }
            }
          ],
          "cvssMetricV31": [
            {
              "source": "nvd@nist.gov",
              "type": "Primary",
              "cvssData": {
                "version": "3.1",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "attackVector": "NETWORK",
                "attackComplexity": "LOW",
                "privilegesRequired": "NONE",
                "userInteraction": "REQUIRED",
                "scope": "CHANGED",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "availabilityImpact": "NONE"
              },
              "exploitabilityScore": 2.8,
              "impactScore": 2.7
            }
          ]
        },
        "weaknesses": [
          {
            "source": "security-advisories@github.com",
            "type": "Primary",
            "description": [
              {
                "lang": "en",
                "value": "CWE-601"
              }
            ]
          }
        ],
        "configurations": [
          {
            "nodes": [
              {
                "operator": "OR",
                "negate": false,
                "cpeMatch": [
                  {
                    "vulnerable": true,
                    "criteria": "cpe:2.3:a:nocodb:nocodb:*:*:*:*:*:*:*:*",
                    "versionEndExcluding": "0.301.0",
                    "matchCriteriaId": "5E17808E-7686-4232-8ADC-D8C548B7F9F0"
                  }
                ]
              }
            ]
          }
        ],
        "references": [
          {
            "url": "https://github.com/nocodb/nocodb/security/advisories/GHSA-3hmw-8mw3-rmpj",
            "source": "security-advisories@github.com",
            "tags": [
              "Exploit",
              "Vendor Advisory"
            ]
          }
        ]
      }
    }
  ]
}
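The record above describes the CWE-601 pattern in the abstract: a post-login `continueAfterSignIn` value is used for client-side navigation with no check on the destination's origin or protocol. The following is an added illustration, not NocoDB's code and not taken from the advisory: it places the vulnerable sink beside a resolver that enforces the missing restriction. `APP_ORIGIN`, `DEFAULT_LANDING`, the function names, the 2048-character cap and the sample inputs are all assumptions made for the example; it uses only the WHATWG `URL` class, which is available in browsers and Node.

```javascript
// Added example (not NocoDB's code): open-redirect sink vs. hardened resolver
// for a post-login "continue" parameter such as `continueAfterSignIn`.

const APP_ORIGIN = 'https://nocodb.example'; // assumption: the app's own origin
const DEFAULT_LANDING = '/dashboard';        // assumption: fallback route after login
const MAX_LEN = 2048;                        // assumption: sanity cap on input length

// VULNERABLE pattern (CWE-601): whatever arrives in the parameter drives
// navigation, so an absolute or protocol-relative URL leaves the site.
function vulnerableRedirectTarget(continueAfterSignIn) {
  return continueAfterSignIn ? continueAfterSignIn : DEFAULT_LANDING;
}

// HARDENED: resolve the value against the app origin, require that the
// result still has that exact origin (scheme + host + port), and hand back
// only a path-relative target so the caller can never navigate off-site.
function safeRedirectTarget(continueAfterSignIn, appOrigin = APP_ORIGIN) {
  if (typeof continueAfterSignIn !== 'string' ||
      continueAfterSignIn.length === 0 ||
      continueAfterSignIn.length > MAX_LEN) {
    return DEFAULT_LANDING;
  }

  let url;
  try {
    // Resolving relative input against a base URL normalises the classic
    // tricks: "//evil", "/\evil", "\\evil" and "https://app@evil" all end up
    // with a foreign host, and "javascript:" / "data:" get an opaque origin.
    url = new URL(continueAfterSignIn, appOrigin);
  } catch {
    return DEFAULT_LANDING;
  }

  // Exact-origin comparison also rejects http:// when the app is https://.
  if (url.origin !== new URL(appOrigin).origin) return DEFAULT_LANDING;

  // Only allow web navigation; "javascript:" etc. already failed the origin
  // check, but be explicit so a future origin change cannot widen the rule.
  if (url.protocol !== 'https:' && url.protocol !== 'http:') return DEFAULT_LANDING;

  // Return path + query + fragment only; the origin is implied by the app.
  return url.pathname + url.search + url.hash;
}

// Constructed sample inputs (not from the advisory): what an attacker might
// place in the parameter, plus two legitimate in-app targets.
const SAMPLE_INPUTS = [
  'https://evil.example/phish',
  '//evil.example/phish',
  '/\\evil.example/phish',
  '\\\\evil.example/phish',
  'https://nocodb.example@evil.example/',
  'https://nocodb.example.evil.example/',
  'javascript:alert(1)',
  'http://nocodb.example/downgrade',
  '/nc/base1?view=grid#row-7',
  'https://nocodb.example/nc/base1',
];

// Runs every sample through both sinks and reports which ones the
// vulnerable version would have sent off-origin.
function compareSinks(inputs = SAMPLE_INPUTS) {
  return inputs.map((input) => {
    const vulnerable = vulnerableRedirectTarget(input);
    const safe = safeRedirectTarget(input);
    let leavesSite;
    try {
      leavesSite = new URL(vulnerable, APP_ORIGIN).origin !== APP_ORIGIN;
    } catch {
      leavesSite = true;
    }
    return { input, vulnerable, safe, leavesSite };
  });
}

if (typeof require !== 'undefined' && require.main === module) {
  for (const row of compareSinks()) {
    console.log(`${row.leavesSite ? 'OFF-SITE' : 'in-app  '}  ${row.input}  ->  ${row.safe}`);
  }
}
```

Returning a path rather than an absolute URL is the design choice worth copying: even if the origin check were later weakened, the caller can only ever navigate within the app, and the comparison is against the full origin rather than a substring of the host, which is what defeats `nocodb.example.evil.example` and `nocodb.example@evil.example`.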