CVE-2026-40346 | nocobase up to 2.0.36 server-side request forgery (GHSA-mvvv-v22x-xqwp)

Inserito da Angelo Barbosa | Apr 18, 2026 | CVE

A vulnerability labeled as critical has been found in nocobase up to 2.0.36. This issue affects some unknown processing. Executing a manipulation can lead to server-side request forgery.

This vulnerability is handled as CVE-2026-40346. The attack can be executed remotely. There is not any exploit available.

The affected component should be upgraded.

CVE-2026-40346 | nocobase up to 2.0.36 server-side request forgery (GHSA-mvvv-v22x-xqwp)

Post correlati

CVE-2024-36236 | Adobe Experience Manager up to 6.5.20 Link cross site scripting (apsb24-28)

CVE-2024-0795 | mintplex-labs anything-llm up to 0.x access control

CVE-2026-3422 | e-Excellence U-Office Force up to 29.50 deserialization

CVE-2024-45426 | Zoom Workplace App up to 6.0.x improper ownership management (ZSB-24038)